# HG changeset patch
# User Marcin Kuzminski <marcin@rhodecode.com>
# Date 2017-04-10 15:16:17
# Node ID 00f033ddce952e54c73584d043afb6412d95ca20
# Parent  73a21507d67f886ca1ca2146e188fa9cb4283da4

auth-plugins: define unsafe settings

diff --git a/rhodecode/authentication/plugins/auth_crowd.py b/rhodecode/authentication/plugins/auth_crowd.py
--- a/rhodecode/authentication/plugins/auth_crowd.py
+++ b/rhodecode/authentication/plugins/auth_crowd.py
@@ -189,6 +189,7 @@ class CrowdServer(object):
 
 
 class RhodeCodeAuthPlugin(RhodeCodeExternalAuthPlugin):
+    _settings_unsafe_keys = ['app_password']
 
     def includeme(self, config):
         config.add_authn_plugin(self)
diff --git a/rhodecode/authentication/plugins/auth_ldap.py b/rhodecode/authentication/plugins/auth_ldap.py
--- a/rhodecode/authentication/plugins/auth_ldap.py
+++ b/rhodecode/authentication/plugins/auth_ldap.py
@@ -334,6 +334,7 @@ class AuthLdap(object):
 class RhodeCodeAuthPlugin(RhodeCodeExternalAuthPlugin):
     # used to define dynamic binding in the
     DYNAMIC_BIND_VAR = '$login'
+    _settings_unsafe_keys = ['dn_pass']
 
     def includeme(self, config):
         config.add_authn_plugin(self)