[ https://issues.apache.org/jira/browse/AIRFLOW-3164?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16700987#comment-16700987 ]
Maciej BryĆski edited comment on AIRFLOW-3164 at 11/27/18 8:47 PM: ------------------------------------------------------------------- Still you can enable TLS option as default and give the ability to disable it. Auth backend it's not an option. It's a hack. Difficult to implement and even more difficult to maintain. Sometimes if you're working in bigger company changes like enabling TLS are not easy to process. Long story short: give users options and don't break backward compatibility in bugfix versions. was (Author: maver1ck): Still you can enable TLS option as default and give the ability to disable it. Auth backend it's not an option. It's a hack. Difficult to implement and even more difficult to maintain. Sometimes if you're working in bigger company changes like enabling TLS are not easy to process. Long story short: give users options and don't break your code in bugfix versions. > verify certificate of LDAP server > --------------------------------- > > Key: AIRFLOW-3164 > URL: https://issues.apache.org/jira/browse/AIRFLOW-3164 > Project: Apache Airflow > Issue Type: Bug > Reporter: Bolke de Bruin > Priority: Blocker > Fix For: 1.10.1 > > > Currently we dont verify the certificate of the Ldap server this can lead to > security incidents. -- This message was sent by Atlassian JIRA (v7.6.3#76005)