On Tue, Jun 9, 2015 at 5:24 AM, brock samson <[email protected]> wrote:
> i am running apacheds2-M19 as embedded with some custom interceptors. up > to this point, i have been using SingleFileLdifPartition to load my > config.ldif file. since it loads the config.ldif before > DefaultDirectoryService.start(), i am also able to manually set the > interceptors via DefaultDirectoryService.setInterceptors() before the start > as well. what i do not like about it is that it requires the config.ldif > file to be on the disk in clear text, which is a security risk in my > opinion. what i would like is for the config partition to is your concern about clear text passwords in config.ldif? if yes, the just turn them into salted hashes other than this I don't see any other security issues with having config in plain text. (If someone managed to reach this far to access your config file then there is a much bigger hole in the network/system ;) look like all other partitions (i.e. system partition), which is a > collection of .db and .lg files. i am able to accomplish that by using > JdbmPartition class, but i cannot successfully load the config.ldif file > via new LdifFileLoader(DefaultDirectoryService.getAdminSession(), > config.ldif, null).execute() until after DefaultDirectoryService.start(), > which makes it too late to set interceptors. is there a way to have config > partition as JdbmPartition AND load its config.ldif before starting the > service? or is there a another way to not have config.ldif on the disk in > clear text? thanks! no, it is not possible to have this config loaded into any other partition type -- Kiran Ayyagari http://keydap.com
