Tuesday, 24 March 2015

Password security when connecting to LDAP with a Rails application



How do you store a username/password securely in a Rails app when using it for many LDAP searches?


The connection in the app requires



ldap_bind_authenticate(Net::LDAP.new, username, password)


each time a search is made, and the credentials of the user are not stored at logon. I often see developers using a test user for the searches and storing a plaintext username/password pair in the user.rb model. Is there a more secure way to do this?
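
One way to keep the search account's bind password out of user.rb, as an added example that is not part of the original post: the secret is read from the process environment, the loader fails closed when it is unset, and it is redacted from inspect output. The variable names LDAP_BIND_DN and LDAP_BIND_PASSWORD and the class LdapBindCredentials are assumptions made for illustration.

```ruby
# Added example: keep the LDAP search account's secret out of user.rb.
# LDAP_BIND_DN / LDAP_BIND_PASSWORD and the class name are hypothetical.
class LdapBindCredentials
  class MissingSecret < StandardError; end

  REQUIRED = %w[LDAP_BIND_DN LDAP_BIND_PASSWORD].freeze

  # env is injectable so the loader can be exercised without touching ENV.
  def self.from_env(env = ENV)
    missing = REQUIRED.select { |key| env[key].to_s.strip.empty? }
    # Fail closed: an empty password must never reach the bind call,
    # because many directories treat it as an unauthenticated bind.
    raise MissingSecret, "unset: #{missing.join(', ')}" unless missing.empty?
    new(env["LDAP_BIND_DN"], env["LDAP_BIND_PASSWORD"])
  end

  attr_reader :username

  def initialize(username, password)
    @username = username.dup.freeze
    @password = password.dup.freeze
  end

  # Hash in the shape Net::LDAP accepts for its :auth option.
  def to_auth
    { method: :simple, username: @username, password: @password }
  end

  # Keep the secret out of logs, exception pages and console output.
  def inspect
    "#<#{self.class.name} username=#{@username.inspect} password=[REDACTED]>"
  end
  alias to_s inspect
end

# Constructed sample environment; in production the process environment
# (or a secrets manager that populates it) supplies these values.
SAMPLE_ENV = {
  "LDAP_BIND_DN" => "cn=search,ou=service,dc=example,dc=org",
  "LDAP_BIND_PASSWORD" => "constructed-secret"
}.freeze

if __FILE__ == $PROGRAM_NAME
  creds = LdapBindCredentials.from_env(SAMPLE_ENV)
  puts creds.inspect
  # Pass creds.to_auth as the auth: option of Net::LDAP.new.
end
```

The account behind these credentials should be a dedicated read-only search account, so that a leaked environment exposes directory lookups and nothing else.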




