0000755: Support for configuring LDAP password storage scheme - SOGo

ID	Project	Category	View Status	Date Submitted	Last Update

0000755	SOGo	SOPE	public	2010-08-18 20:49	2012-01-26 16:32

Reporter	Jason Oster	Assigned To	ludovic
Priority	normal	Severity	feature	Reproducibility	N/A
Status	closed	Resolution	fixed
Target Version	1.3.12	Fixed in Version	1.3.12

Summary	0000755: Support for configuring LDAP password storage scheme
Description	When changing LDAP passwords, (with SOGoPasswordChangeEnabled enabled; I have not tried with LDAP Password Policies enabled) SOGo stores the passwords in plain text. I would like the option to hash password, for example using the Salted-SHA1 (SSHA) scheme: http://www.openldap.org/doc/admin24/security.html#Password%20Storage The option could be integrated with the userPasswordAlgorithm preference, which is currently only used for SQL authentication sources, and only supports MD5.
Tags	No tags attached.

Jason Oster 2010-08-18 20:53 reporter ~0001311	Looks like userPasswordAlgorithm now supports the CRYPT scheme (again, only for SQL) since Bug 0000703.

vgsi 2011-09-01 12:24 reporter ~0002839	+1 Don't like to have clear text passwords stored... As we use LDAP for CAS/SSO and wish to use SOGo as the frontend (pwd update...) it is a must have !

ludovic 2012-01-26 16:32 administrator ~0003323	Fixed - see: http://mtn.inverse.ca/revision/diff/05f7c7299403692e01480ce30ae2a612e6172f84/with/64559b055668abe30f492544f049160b05cf7ab9

Date Modified	Username	Field	Change
2010-08-18 20:49	Jason Oster	New Issue
2010-08-18 20:53	Jason Oster	Note Added: 0001311
2011-09-01 12:24	vgsi	Note Added: 0002839
2011-12-30 16:35	ludovic	Target Version	=> 1.3.12
2012-01-26 16:32	ludovic	Note Added: 0003323
2012-01-26 16:32	ludovic	Status	new => resolved
2012-01-26 16:32	ludovic	Fixed in Version	=> 1.3.12
2012-01-26 16:32	ludovic	Resolution	open => fixed
2012-01-26 16:32	ludovic	Assigned To	=> ludovic
2012-01-26 16:32	ludovic	Status	resolved => closed