New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ldap password in config file #173
Comments
I'm having the same problem. I'm currently working on something with a requirement that no passwords must be in plain text. It might not give much more meaningful security in reality, but it will allow this system to conform to many countries regulations for no sensitive data to be found in plain text. |
Any update? |
Not as far as I know sadly. |
Hello any update on this ? |
Hello, any progress on this requirement? |
No progress, but we'd gladly review a pull request for this functionality |
We are doing some "spring cleaning in the fall", and to make sure we focus our energies on the right issues and we get a better picture of the state of the repo, we are closing all issues that we are carrying over from the ODFE era (ODFE is no longer supported/maintained, see post here). If you believe this issue should still be considered for current versions of OpenSearch, apologies! Please let us know by re-opening it. Thanks! |
This issue should still be considered (I have not enought skill to help you on this :) ) |
The bind password used for authentication and/or authorization is both readable in the config file and in Kibana.
It will be better to use a hash like for internal user password or to store the password with another mechanism like the elastic keystore.
The text was updated successfully, but these errors were encountered: