We are concerned about security, that’s why we use TLS to connect to the jabber and the jabber connects to LDAP (Microsoft AD) for authentication using SSL. As I understood from the documentation the jabber does not store/cache LDAP accounts/passwords locally.
My question is: Can someone with access to the server view in some way a LDAP username/password while it’s sent to the jabber? Not by cracking TLS or SSL but by setting some kind of LDAP or jabber debugging on, or something like that.
Thank you for your answers.