Karaf / KARAF-6925

Support stronger JAAS Encryption algorithms via spring-security-crypto


Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 4.2.11, 4.3.1
    • Component/s: karaf

    Description

      Right now, for JAAS password encryption, we only support basic digest algorithms, or else salted algorithms via the jasypt provider. However, these are no longer considered secure; instead, best practice is to use algorithms like scrypt, bcrypt, argon2, etc.

      The Spring Security Crypto project has password encoders for all of these algorithms, and has minimal dependencies, so we can leverage this to support a more modern encryption alternative.
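
The contrast the description draws, as an added illustration (not code from the issue or from the Karaf project): an unsalted digest beside a Spring Security Crypto encoder. It assumes spring-security-crypto 5.1 or later and its logging dependency (commons-logging or spring-jcl) on the classpath; the class name and sample values are constructed.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

// Added illustration; class name and sample values are constructed.
public class DigestVsBcrypt {

    // Unsalted, single-pass digest of the password (the "basic digest" case).
    static String sha256Hex(String password) throws Exception {
        byte[] hash = MessageDigest.getInstance("SHA-256")
                .digest(password.getBytes(StandardCharsets.UTF_8));
        StringBuilder hex = new StringBuilder();
        for (byte b : hash) {
            hex.append(String.format("%02x", b));
        }
        return hex.toString();
    }

    public static void main(String[] args) throws Exception {
        String password = "constructed-sample-password";

        // Deterministic: two users with the same password store the same value,
        // and one digest computation per guess is all a stolen file costs to test.
        String d1 = sha256Hex(password);
        String d2 = sha256Hex(password);
        System.out.println("digest values identical: " + d1.equals(d2));

        // bcrypt: a random salt and a cost factor are embedded in each encoding.
        PasswordEncoder weak = new BCryptPasswordEncoder(10);
        PasswordEncoder strong = new BCryptPasswordEncoder(12);
        String b1 = strong.encode(password);
        String b2 = strong.encode(password);
        System.out.println("bcrypt encodings identical: " + b1.equals(b2));
        System.out.println("both verify: "
                + (strong.matches(password, b1) && strong.matches(password, b2)));
        System.out.println("wrong password verifies: " + strong.matches("other", b1));

        // Cost can be raised later: an encoder flags hashes made at a lower cost.
        String old = weak.encode(password);
        System.out.println("old hash still verifies: " + strong.matches(password, old));
        System.out.println("old hash needs re-encoding: " + strong.upgradeEncoding(old));

        // Rough per-hash cost, to show the work factor an attacker must also pay.
        long t0 = System.nanoTime();
        strong.matches(password, b1);
        System.out.println("bcrypt(12) check took ms: " + (System.nanoTime() - t0) / 1_000_000);
    }
}
```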

            People

              jbonofre Jean-Baptiste Onofré
              coheigea Colm O hEigeartaigh