1 Reply Latest reply: Jun 29, 2010 12:05 AM by 807573 RSS

    Capturing Passwords Changed via OpenSSO


      We have a requirement to capture a user's password when changed, either after logging in or using secrets, and pushing this password to a different repository as clear text. Does anyone know how this can be done in OpenSSO?

        • 1. Re: Capturing Passwords Changed via OpenSSO
          You could write a post authentication plugin which grabs the IDToken2 request parameter and then do whatever you want to do with it. However, pushing a password in clear text isn't a good idea and goes against best practices. I do hope your environment at least uses encryption like SSL to protect the traffic.