[ 
https://issues.apache.org/jira/browse/SYNCOPE-505?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14030741#comment-14030741
 ] 

Francesco Chicchiriccò commented on SYNCOPE-505:
------------------------------------------------

The use case you mention above is one of use cases this issue should cover, but 
not the only one.

Syncope requires an input password when subscribing an user to a new resource, 
unless {{AES}} is used or that resource does not define a password mapping 
entry.
With this issue, password could be actually propagated to a resource - even 
from internal storage - when plugging-in the {{*PasswordPropagationActions}}: 
for this reason I think it is important to take care not to overwrite any 
password already prepared for propagation by the {{PropagationManager}}, in the 
{{*PasswordPropagationActions}} code.

> Support propagating non-cleartext passwords to external resources
> -----------------------------------------------------------------
>
>                 Key: SYNCOPE-505
>                 URL: https://issues.apache.org/jira/browse/SYNCOPE-505
>             Project: Syncope
>          Issue Type: Improvement
>          Components: core
>            Reporter: Francesco Chicchiriccò
>            Assignee: Colm O hEigeartaigh
>             Fix For: 1.2.0
>
>
> Similarly to SYNCOPE-313 during synchronization, it seems feasible to provide 
> some Propagation Actions classes (say {{DBPasswordPropagationActions}} and 
> {{LDAPPasswordPropagationActions}} that will propagate non-cleartext password 
> values to external resources.
> This might require some changes in the related connector bundles.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Reply via email to