Geronimo
  1. Geronimo
  2. GERONIMO-5693

Encryption logic for connectionPassword attribute in ldap realm

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.1.6
    • Fix Version/s: 2.1.7
    • Component/s: security
    • Security Level: public (Regular issues)
    • Labels:
      None
    • Environment:

      Geronimo tomcat assembly 217

      Description

      Ldap realm list the connectionPassword option in plain text.

        Activity

        Transition Time In Source Status Execution Times Last Executer Last Execution Date
        Open Open Closed Closed
        2d 1h 27m 1 Ashish Jain 18/Nov/10 08:39
        Ashish Jain made changes -
        Field Original Value New Value
        Status Open [ 1 ] Closed [ 6 ]
        Fix Version/s 3.0 [ 12314206 ]
        Fix Version/s 2.2.2 [ 12314951 ]
        Resolution Fixed [ 1 ]
        Hide
        Ashish Jain added a comment -

        Thank you Ashok for your test results. I have opened a new track GERONIMO-5705 for 2.2 and 3.0. Closing it.

        Show
        Ashish Jain added a comment - Thank you Ashok for your test results. I have opened a new track GERONIMO-5705 for 2.2 and 3.0. Closing it.
        Hide
        Ashok Poralu added a comment -

        Tested the following scenarios on AG 2.1.7 SNAPSHOT build

        [1] Created a LDAP security realm with Microsoft AD.
        [2] When edit the LDAP security realm, you can see the connectionPassword with encrypted string in config.xml.
        [3] My login test get the Group/User Principals based on uname/pass.

        PASSED.

        Show
        Ashok Poralu added a comment - Tested the following scenarios on AG 2.1.7 SNAPSHOT build [1] Created a LDAP security realm with Microsoft AD. [2] When edit the LDAP security realm, you can see the connectionPassword with encrypted string in config.xml. [3] My login test get the Group/User Principals based on uname/pass. PASSED.
        Hide
        Ashish Jain added a comment -

        I will open a separate track for 2.2 and 3.0.

        Show
        Ashish Jain added a comment - I will open a separate track for 2.2 and 3.0.
        Hide
        Ashish Jain added a comment -

        Completed: At revision: 1036008 to 2.1 branch.

        Show
        Ashish Jain added a comment - Completed: At revision: 1036008 to 2.1 branch.
        Ashish Jain created issue -

          People

          • Assignee:
            Ashish Jain
            Reporter:
            Ashish Jain
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development