Posted by johnbarclay on January 14, 2012 at 8:16pm
I maintain the LDAP module for drupal 7. In the next version I was considering moving some of the data in $user->data array into fields attached to the the user entity. These fields would have the UI widget of "hidden".
This would make integration with feeds, migrate and other modules much easier. The data would be ldap cn, ldap dn and other ldap attributes.
From a security perspective, is there any advantage to $user->data or hidden fields on the user entity?