LDAPS should not be an advanced setting

Description

When authenticating using ldap, a simple bind is used.  This exposes the admin dn (account used to search ldap), and users username and password. 

I was able to confirm this while running wireshark on the ldap server that openfire authenticates with.

This can be mitigated by using ldaps and starttls.

Environment

None
Fixed

Assignee

Greg Thomas

Reporter

speedy

Labels

None

Expected Effort

None

Ignite Forum URL

None

Components

Fix versions

Priority

Critical
Configure