manifoldcf-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aurélien MAZOYER <aurelien.mazo...@francelabs.com>
Subject Re: Store hash of MCF admin password
Date Mon, 18 Jul 2016 12:50:56 GMT
Hi Konrad,

Thank you for your answer. It seems that the obfuscation tool uses a 
symmetric encoding with password and salt to obfuscate/deobfuscate 
passwords. I can see that there is a way to change the salt with a 
property, but it seems that the password is hardcoded in the source 
code. What is the best practice to use this obfuscation tool? Is it 
enough to change the salt in the property file?

Regards,

Aurélien

Le 18/07/2016 14:13, Konrad Holl a écrit :
>
> Hi Aurélien,
>
> try the obfuscate.[bat|sh] file in the obfuscation-utility directory.
>
> In property.xml you can use this obfuscated password instead: 
> org.apache.manifoldcf.login.password.obfuscated . See also 
> http://manifoldcf.apache.org/release/release-2.4/en_US/how-to-build-and-deploy.html
>
> Hope that helps,
>
> Konrad.
>
> *From:*Aurélien MAZOYER [mailto:aurelien.mazoyer@francelabs.com]
> *Sent:* Montag, 18. Juli 2016 13:31
> *To:* user@manifoldcf.apache.org
> *Subject:* Store hash of MCF admin password
>
> Hi all,
>
> Is there a way to store a hash of the mcf admin password instead of a 
> clear password in the configuration file of MCF?
>
> Regards,
>
> Aurélien
>


Mime
View raw message