encrypt password in session (#2988)
The goal is to encrypt password instead of storing it in clear text if the configuration requires to keep the password in session
The password can then be decrypted in a header, attribute or post field when it needs to be sent to another application