[KARAF-2754] all password should be encrypted when encryption.enabled is true - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.4.0, 3.0.1, 2.3.4
Component/s: None
Labels:
None

Description

if we set

encryption.enabled = true

in etc/org.apache.karaf.jaas.cfg, and we have

admin = admin,admin
testuser=testpwd,admin

in etc/users.properties
then if login with user admin, we can admin password encrypted

admin = {CRYPT}21232f297a57a5a743894a0e4a801fc3{CRYPT},admin
testuser=testpwd,admin

However if there will be 100s of users defined inside the "etc/users.properties" file then it becomes security hole and complex to connect to Karaf one by one using different credentials in order to get the encrypted passwords inside the file "etc/users.properties", we should encrypt them all as one goal if we set encryption.enabled = true

Attachments

Activity

People

Assignee:: Freeman Yue Fang

Reporter:: Freeman Yue Fang

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 12/Feb/14 06:37

Updated:: 13/Feb/14 00:17

Resolved:: 12/Feb/14 07:17