[ https://issues.apache.org/jira/browse/SYNCOPE-505?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14030741#comment-14030741 ]
Francesco Chicchiriccò commented on SYNCOPE-505: ------------------------------------------------ The use case you mention above is one of use cases this issue should cover, but not the only one. Syncope requires an input password when subscribing an user to a new resource, unless {{AES}} is used or that resource does not define a password mapping entry. With this issue, password could be actually propagated to a resource - even from internal storage - when plugging-in the {{*PasswordPropagationActions}}: for this reason I think it is important to take care not to overwrite any password already prepared for propagation by the {{PropagationManager}}, in the {{*PasswordPropagationActions}} code. > Support propagating non-cleartext passwords to external resources > ----------------------------------------------------------------- > > Key: SYNCOPE-505 > URL: https://issues.apache.org/jira/browse/SYNCOPE-505 > Project: Syncope > Issue Type: Improvement > Components: core > Reporter: Francesco Chicchiriccò > Assignee: Colm O hEigeartaigh > Fix For: 1.2.0 > > > Similarly to SYNCOPE-313 during synchronization, it seems feasible to provide > some Propagation Actions classes (say {{DBPasswordPropagationActions}} and > {{LDAPPasswordPropagationActions}} that will propagate non-cleartext password > values to external resources. > This might require some changes in the related connector bundles. -- This message was sent by Atlassian JIRA (v6.2#6252)