Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-20733

SASL authentication with Active Directory

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      Instead of simple bind, use SASL to provide some degree of data encryption out of the box.

      MSDN lists various mechanisms that AD supports, and it includes DIGEST-MD5, which works with plain text password Jenkins has received from the browser (via the login form.) SASL is supported by JNDI LDAP implementation so activating it should be very simple.

        Attachments

          Issue Links

            Activity

            Hide
            kohsuke Kohsuke Kawaguchi added a comment -

            One of the reasons people want JENKINS-3730 is to avoid plain text password on the network caused by simple bind. This will prevent that.

            Show
            kohsuke Kohsuke Kawaguchi added a comment - One of the reasons people want JENKINS-3730 is to avoid plain text password on the network caused by simple bind. This will prevent that.
            Hide
            kohsuke Kohsuke Kawaguchi added a comment -

            JENKINS-15847 indicates that maybe this is also useful for LDAP plugin.

            Show
            kohsuke Kohsuke Kawaguchi added a comment - JENKINS-15847 indicates that maybe this is also useful for LDAP plugin.

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              kohsuke Kohsuke Kawaguchi
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated: