# HG changeset patch
# User Marcin Kuzminski <marcin@rhodecode.com>
# Date 2017-04-10 15:16:17
# Node ID cfb5e8aeac02aa7b9e0b8e1dc92203fa49420c0e
# Parent  a01bfbcac9a56ef80edf717e6634d35701dcb4cc

auth-plugins: define unsafe settings

diff --git a/rhodecode/authentication/plugins/auth_crowd.py b/rhodecode/authentication/plugins/auth_crowd.py
--- a/rhodecode/authentication/plugins/auth_crowd.py
+++ b/rhodecode/authentication/plugins/auth_crowd.py
@@ -189,6 +189,7 @@ class CrowdServer(object):
 
 
 class RhodeCodeAuthPlugin(RhodeCodeExternalAuthPlugin):
+    _settings_unsafe_keys = ['app_password']
 
     def includeme(self, config):
         config.add_authn_plugin(self)
diff --git a/rhodecode/authentication/plugins/auth_ldap.py b/rhodecode/authentication/plugins/auth_ldap.py
--- a/rhodecode/authentication/plugins/auth_ldap.py
+++ b/rhodecode/authentication/plugins/auth_ldap.py
@@ -334,6 +334,7 @@ class AuthLdap(object):
 class RhodeCodeAuthPlugin(RhodeCodeExternalAuthPlugin):
     # used to define dynamic binding in the
     DYNAMIC_BIND_VAR = '$login'
+    _settings_unsafe_keys = ['dn_pass']
 
     def includeme(self, config):
         config.add_authn_plugin(self)