You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@karaf.apache.org by "Guillaume Nodet (JIRA)" <ji...@apache.org> on 2014/07/16 12:36:05 UTC

[jira] [Resolved] (KARAF-2755) Encrypt password mechanism pollutes the group

     [ https://issues.apache.org/jira/browse/KARAF-2755?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Guillaume Nodet resolved KARAF-2755.
------------------------------------

    Resolution: Fixed

> Encrypt password mechanism pollutes the group
> ---------------------------------------------
>
>                 Key: KARAF-2755
>                 URL: https://issues.apache.org/jira/browse/KARAF-2755
>             Project: Karaf
>          Issue Type: Bug
>          Components: karaf-security
>            Reporter: Jean-Baptiste Onofré
>            Assignee: Guillaume Nodet
>             Fix For: 2.4.0, 4.0.0, 3.0.2
>
>
> By enabling the encryption (in etc/org.apache.karaf.jaas.cfg), Karaf ignores if we talk about users or groups, and so encrypts the groups, resulting to something like this in etc/users.properties:
> {code}
> karaf = {CRYPT}e7ebf747769e8522b52d1bf47f718788{CRYPT},_g_:admingroup
> _g_\:admingroup = {CRYPT}db0f6f37ebeb6ea09489124345af2a45{CRYPT},admin,manager,viewer
> {code}
> The encryption service should check if the considered line is an user or a group, and just crypts the user passwords.



--
This message was sent by Atlassian JIRA
(v6.2#6252)