Skip to Content
0
Nov 16, 2010 at 08:52 PM

UserID/Pwd is passed in plain text?

42 Views

Hi, In our architecture we are having Business Objects web servers in DMZ and clustered app servers inside firewall. We are on BOXI R2 SP3. Right now security certificate is installed on Web servers.

Due to our load balancer issue we want to move security certificate to load balancer. In this case we think that when users enter usersID/Pwd from Infoview then it will be encrypted till it reaches at load balancer but once it travels from Load Balancer to web server then it travels in plain text format.

Our Load Balancer is in public Zone and Web server is in DMZ. This gives a risk of someone getting LDAP userID/Password.

Does that means this information flows in plain text format?

Thanks,