karaf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Freeman Fang (JIRA)" <j...@apache.org>
Subject [jira] [Created] (KARAF-2754) all password should be encrypted when encryption.enabled is true
Date Wed, 12 Feb 2014 06:39:20 GMT
Freeman Fang created KARAF-2754:
-----------------------------------

             Summary: all password should be encrypted when encryption.enabled is true
                 Key: KARAF-2754
                 URL: https://issues.apache.org/jira/browse/KARAF-2754
             Project: Karaf
          Issue Type: Improvement
            Reporter: Freeman Fang


if we set
{code}
encryption.enabled = true
{code}
in etc/org.apache.karaf.jaas.cfg, and we have
{code}
admin = admin,admin
testuser=testpwd,admin
{code}
in etc/users.properties
then if login with user admin, we can admin password encrypted
{code}
admin = {CRYPT}21232f297a57a5a743894a0e4a801fc3{CRYPT},admin
testuser=testpwd,admin
{code}

However if  there will be 100s of users defined inside the "etc/users.properties" file then
it becomes security hole and complex to connect to Karaf one by one using different credentials
in order to get the encrypted passwords inside the file "etc/users.properties", we should
encrypt them all as one goal if we set encryption.enabled = true



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Mime
View raw message