0026626: Add config option to not cache (insecure MD5) password hashes in the database - MantisBT

ID	Project	Category	View Status	Date Submitted	Last Update

0026626	mantisbt	ldap	public	2020-01-25 00:09	2020-02-09 07:05

Reporter	rogueresearch	Assigned To	atrol
Priority	high	Severity	major	Reproducibility	have not tried
Status	closed	Resolution	duplicate

Summary	0026626: Add config option to not cache (insecure MD5) password hashes in the database
Description	According to the Admin Guide: "An MD5 hash of the user's password will be stored in the database upon successful login, allowing fall-back to Standard Authentication when the LDAP server is not available." This is unfortunate, because I was hoping to use LDAP as a workaround for bug 0022839. Could a configuration flag be added to prevent this caching?
Tags	No tags attached.

rogueresearch 2020-01-25 16:15 reporter ~0063517	Ha!, I'd even commented on the dupe. :)