Evaluate and fix issue known to OpenAM as #201801-02

[siepkes]

Evaluate and fix issue known to OpenAM as #201801-02

Since we share a common heritage with OpenAM the issue described here as "Issue #201801-02: Configuration password stored in plain text" probably affects wren:AM too.

We need to evaluate if and how this issue affects wren:AM and fix it.

The issue in the referenced document describes the export of server settings contain some configuration passwords in plain text.

The document indicates there is no workaround.

[pavelhoral]

You can get password values via get-sub-cfg command in 13.0.0:

ssoadm get-sub-cfg -u amadmin -f pwd.txt -e / -s iPlanetAMAuthLDAPService -g MyLDAP

iplanet-am-auth-ldap-auth-level=0
iplanet-am-auth-ldap-search-filter=(objectclass=inetOrgPerson)
iplanet-am-auth-ldap-search-scope=SUBTREE
iplanet-am-auth-ldap-return-user-dn=true
iplanet-am-auth-ldap-bind-passwd=thisissecret
iplanet-am-ldap-user-creation-attr-list=
...

Not sure if the issue is fixed in the current master or not...

[pavelhoral]

I guess it is not fixed if you compare how GetSubConfiguration prints property values compared to GetAuthInstance.

[karelmaxa]

The issue was fixed in #137.