You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@manifoldcf.apache.org by Karl Wright <da...@gmail.com> on 2015/04/23 11:36:54 UTC

Fwd: ManifoldCF security.

Hi Smitha,

(1) You can change the admin credentials by adding the appropriate
properties to properties.xml.  See the "how-to-build-and-deploy" page for
details.
(2) All password properties in ManifoldCF can be specified in obfuscated
form.  See the "how-to-build-and-deploy" page for details.
(3) Passwords for connections are stored in the database in obfuscated form.

Thanks,
Karl


On Thu, Apr 23, 2015 at 4:15 AM, Smitha S <Sm...@infosys.com> wrote:

>  Hi Karl,
>
>
>
> As per of enforcing the security on our application, we need to have some
> control on the way Manifold crawler UI is accessed. Currently by providing
> admin/admin, we are able to access the crawler UI. Where is these
> credentials stored, is there any way we can change these credentials. Can
> we implement any encryption mechanism for these credentails.
>
>
>
> We are using window share repository connection. Is the window server
> credentials details are stored securely in the DB? As I understand, we are
> using jcifs for connecting to window share. The jcifs supports only SMB1.
> But SMB2 and SMB3 has some additional security features related to
> providing encrypted credentials. How these features can be used through
> window share?
>
>
>
> Thanks & Regards,
>
> Smitha S
>
>
>
>
>
> **************** CAUTION - Disclaimer *****************
> This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely
> for the use of the addressee(s). If you are not the intended recipient, please
> notify the sender by e-mail and delete the original message. Further, you are not
> to copy, disclose, or distribute this e-mail or its contents to any other person and
> any such actions are unlawful. This e-mail may contain viruses. Infosys has taken
> every reasonable precaution to minimize this risk, but is not liable for any damage
> you may sustain as a result of any virus in this e-mail. You should carry out your
> own virus checks before opening the e-mail or attachment. Infosys reserves the
> right to monitor and review the content of all messages sent to or from this e-mail
> address. Messages sent to or from this e-mail address may be stored on the
> Infosys e-mail system.
> ***INFOSYS******** End of Disclaimer ********INFOSYS***
>
>