Posted to dev@directory.apache.org by "Alex Karasulu (JIRA)" <ji...@apache.org> on 2007/09/18 16:21:43 UTC

[jira] Created: (DIRSERVER-1064) Admin password cannot be hashed

Admin password cannot be hashed
-------------------------------

                 Key: DIRSERVER-1064
                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1064
             Project: Directory ApacheDS
          Issue Type: Bug
          Components: core
         Environment: Any
            Reporter: Alex Karasulu
            Assignee: Emmanuel Lecharny
            Priority: Critical
             Fix For: 1.5.2


The administrator password is present within the server.xml and within the system partition. This is the case to require authentication to start up the server with access to the data therein. The problem is you cannot maintain the admin password in this file in hashed form. When authenticating it will get double hashed. So either on startup and on internal admin authentication you bypass hashing and only do it through the protocol, or we need to force keeping the admin password in clear text.

This is not such a good thing IMO.  Something must be done for this.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
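
The double hashing described in this report, as an added illustration (not ApacheDS code and not from the report's author). It assumes an RFC 2307 style `{SSHA}` scheme, which the report does not name, and uses hypothetical loaders `load_naive` and `load_scheme_aware`; the password is constructed sample data.

```python
import base64
import hashlib
import hmac
import os

SCHEME = "{SSHA}"  # assumed storage scheme; the report does not name one


def ssha(password, salt=None):
    """Return an RFC 2307 style value: {SSHA}base64(SHA1(pw + salt) + salt)."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.sha1(password + salt).digest()
    return SCHEME + base64.b64encode(digest + salt).decode("ascii")


def verify_ssha(stored, candidate):
    """Check a candidate password against a stored {SSHA} value."""
    raw = base64.b64decode(stored[len(SCHEME):])
    digest, salt = raw[:20], raw[20:]  # SHA-1 digest is 20 bytes, rest is salt
    return hmac.compare_digest(digest, hashlib.sha1(candidate + salt).digest())


def load_naive(config_value):
    """Models the bug: the configured value is always treated as clear text
    and hashed on load, so an already hashed value gets hashed again."""
    return ssha(config_value.encode())


def load_scheme_aware(config_value):
    """Hash only when the configured value does not already carry the scheme
    prefix (hypothetical approach, not the fix applied in the project)."""
    if config_value.startswith(SCHEME):
        return config_value
    return ssha(config_value.encode())


def demo():
    password = b"constructed-admin-secret"  # constructed sample value
    hashed_in_config = ssha(password)       # what an admin would like to store
    return {
        "naive_cleartext": verify_ssha(load_naive(password.decode()), password),
        "naive_hashed": verify_ssha(load_naive(hashed_in_config), password),
        "aware_hashed": verify_ssha(load_scheme_aware(hashed_in_config), password),
        "aware_cleartext": verify_ssha(load_scheme_aware(password.decode()), password),
    }


if __name__ == "__main__":
    print(demo())
```

Only `naive_hashed` fails: the loader hashes the `{SSHA}...` string itself, so the real password no longer verifies and the configuration is forced back to clear text.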


[jira] Closed: (DIRSERVER-1064) Admin password cannot be hashed

Posted by "Alex Karasulu (JIRA)" <ji...@apache.org>.
     [ https://issues.apache.org/jira/browse/DIRSERVER-1064?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Alex Karasulu closed DIRSERVER-1064.
------------------------------------

    Resolution: Fixed

This was fixed after some changes in the big bang branch which removed the admin user from the server.xml file.  This user is now like any other user in the server WRT the password hashing mechanism.

> Admin password cannot be hashed
> -------------------------------
>
>                 Key: DIRSERVER-1064
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1064
>             Project: Directory ApacheDS
>          Issue Type: Bug
>          Components: core
>         Environment: Any
>            Reporter: Alex Karasulu
>            Assignee: Alex Karasulu
>            Priority: Critical
>             Fix For: 1.5.2
>
>
> The administrator password is present within the server.xml and within the system partition. This is the case to require authentication to start up the server with access to the data therein. The problem is you cannot maintain the admin password in this file in hashed form. When authenticating it will get double hashed. So either on startup and on internal admin authentication you bypass hashing and only do it through the protocol, or we need to force keeping the admin password in clear text.
> This is not such a good thing IMO.  Something must be done for this.



[jira] Assigned: (DIRSERVER-1064) Admin password cannot be hashed

Posted by "Alex Karasulu (JIRA)" <ji...@apache.org>.
     [ https://issues.apache.org/jira/browse/DIRSERVER-1064?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Alex Karasulu reassigned DIRSERVER-1064:
----------------------------------------

    Assignee: Alex Karasulu  (was: Emmanuel Lecharny)
