Geronimo
  1. Geronimo
  2. GERONIMO-5693

Encryption logic for connectionPassword attribute in ldap realm

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.1.6
    • Fix Version/s: 2.1.7
    • Component/s: security
    • Security Level: public (Regular issues)
    • Labels:
      None
    • Environment:

      Geronimo tomcat assembly 217

      Description

      Ldap realm list the connectionPassword option in plain text.

        Activity

        Hide
        Ashish Jain added a comment -

        Completed: At revision: 1036008 to 2.1 branch.

        Show
        Ashish Jain added a comment - Completed: At revision: 1036008 to 2.1 branch.
        Hide
        Ashish Jain added a comment -

        I will open a separate track for 2.2 and 3.0.

        Show
        Ashish Jain added a comment - I will open a separate track for 2.2 and 3.0.
        Hide
        Ashok Poralu added a comment -

        Tested the following scenarios on AG 2.1.7 SNAPSHOT build

        [1] Created a LDAP security realm with Microsoft AD.
        [2] When edit the LDAP security realm, you can see the connectionPassword with encrypted string in config.xml.
        [3] My login test get the Group/User Principals based on uname/pass.

        PASSED.

        Show
        Ashok Poralu added a comment - Tested the following scenarios on AG 2.1.7 SNAPSHOT build [1] Created a LDAP security realm with Microsoft AD. [2] When edit the LDAP security realm, you can see the connectionPassword with encrypted string in config.xml. [3] My login test get the Group/User Principals based on uname/pass. PASSED.
        Hide
        Ashish Jain added a comment -

        Thank you Ashok for your test results. I have opened a new track GERONIMO-5705 for 2.2 and 3.0. Closing it.

        Show
        Ashish Jain added a comment - Thank you Ashok for your test results. I have opened a new track GERONIMO-5705 for 2.2 and 3.0. Closing it.

          People

          • Assignee:
            Ashish Jain
            Reporter:
            Ashish Jain
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development