Skip to Main Content
Forums

APEX

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Clear text authentication LDAP

idreesJul 28 2019 — edited Aug 19 2019

Dear All,

we are using oracle apex 18.1 on oracle database 12c on linux.

we are using Microsoft active directory LDAP for authentication.

we received the following alarm from our firewall team.

Sending credentials over network in clear text form is susceptible to man in the middle attacks i.e. attacker can sniff the traffic to obtain the credentials and use them for malicious purposesĀ  

Reconfigure the servers to Use SSL/TLS protocols when communicating with Active directory servers for authentication purposes

how can we overcome this issue?

please note that we haven't yet configure the HTTPS.

does this means we need to configure the HTTPS or we need to set the ssl in the LDAP authentication scheme?

Thanks
This post has been answered by Billy Verreynne on Jul 29 2019
Jump to Answer
Comments
Post Details
Added on Jul 28 2019
#apex-discussions
1 comment
279 views