I am testing LDAP with RT 5.0. Because of some problem, the user is not able to be created.
By default, RT logs the username password in the log (either a log file or syslog). This is not desirable.
Related log:
HTML::Mason::Request::comp(undef, undef, “next”, “12345”, “pass”, “Your password!”, “user”, “testuser”) called at /opt/rt5/sbin/…/lib/RT/Interface/Web.pm line 321
RT::Interface::Web::HandleRequest(HASH(0x7f836b460d68)) called at /opt/rt5/share/html/autohandler line 53
HTML::Mason::Commands::ANON(“next”, “12345”, “user”, “testuser”, “pass”, “Your password!”) called at /usr/share/perl5/vendor_perl/HTML/Mason/Component.pm line 135
I would suggest it would not log password to the log file by default. Then have an option to enable the logging of the password.
Thanks.