You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@syncope.apache.org by Ravindra Singareddy <si...@hotmail.com> on 2017/11/24 05:21:46 UTC
Password in Clear Text in User Registration
Hi All,
Is any way to suppress password field not to display in registration restful call? Here is the request is seen in the client call.
ID: 2
Address: http://localhost:8080/syncope/rest/users?storePassword=true
Http-Method: POST
Content-Type: application/json
Headers: {X-Syncope-Domain=[Master], Authorization=[Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJqdGkiOiJhZjRjMjcwMS0xMjNhLTRjNTgtOGMyNy0wMTEyM2FmYzU4OWQiLCJzdWIiOiJhZG1pbiIsImlhdCI6MTUxMTQ5MjA1NywiaXNzIjoiQXBhY2hlU3luY29wZSIsImV4cCI6MTUxMTQ5OTI1NywibmJmIjoxNTExNDkyMDU3fQ.zMSMWxw6I4FrD2Y4oSioF3bnCGpDWEZOlPnosDgjl5xa1v9W3Z_GhqZh9ikJpIIAM3nVMNSuMx6gDzXKJHQ-ZQ], Content-Type=[application/json], Accept=[application/json], Accept-Encoding=[gzip;q=1.0, identity; q=0.5, *;q=0]}
Payload: {"@class":"org.apache.syncope.common.lib.to.UserTO","creator":"admin","creationDate":"2017-11-24T04:53:16.004+0000","lastModifier":null,"lastChangeDate":null,"key":null,"type":"USER","realm":"/","status":null,"password":"xxxxxxxx”
Thanks
Ravi
Re: Password in Clear Text in User Registration
Posted by Francesco Chicchiriccò <il...@apache.org>.
On 24/11/2017 06:21, Ravindra Singareddy wrote:
>
> Hi All,
>
> Is any way to suppress password field not to display in registration
> restful call? Here is the request is seen in the client call.
>
Hi Ravi,
of course this is not possible, unless you don't want to set a password
for the user being created.
Regards.
> ID: 2
>
> Address: http://localhost:8080/syncope/rest/users?storePassword=true
>
> Http-Method: POST
>
> Content-Type: application/json
>
> Headers: {X-Syncope-Domain=[Master], Authorization=[Bearer
> eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJqdGkiOiJhZjRjMjcwMS0xMjNhLTRjNTgtOGMyNy0wMTEyM2FmYzU4OWQiLCJzdWIiOiJhZG1pbiIsImlhdCI6MTUxMTQ5MjA1NywiaXNzIjoiQXBhY2hlU3luY29wZSIsImV4cCI6MTUxMTQ5OTI1NywibmJmIjoxNTExNDkyMDU3fQ.zMSMWxw6I4FrD2Y4oSioF3bnCGpDWEZOlPnosDgjl5xa1v9W3Z_GhqZh9ikJpIIAM3nVMNSuMx6gDzXKJHQ-ZQ],
> Content-Type=[application/json], Accept=[application/json],
> Accept-Encoding=[gzip;q=1.0, identity; q=0.5, *;q=0]}
>
> Payload:
> {"@class":"org.apache.syncope.common.lib.to.UserTO","creator":"admin","creationDate":"2017-11-24T04:53:16.004+0000","lastModifier":null,"lastChangeDate":null,"key":null,"type":"USER","realm":"/","status":null,"password":"xxxxxxxx”
>
> Thanks
>
> Ravi
>
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/