How should the server be compromised. 2018-02-28 18:12 GMT-03:00 Kevin Liu <[email protected]>:
> Should the server be compromised, attackers can grab AD credentials and > then verify all accounts with compromised credentials. > > My solution to this is to not have clear text (seems genius right? ;) ). > According to one of CAS's blogs, https://apereo.github. > io/2017/03/24/cas51-ldapauthnjasypt-tutorial/, jasypt is the method to > use. > > On Wednesday, February 28, 2018 at 3:02:15 PM UTC-6, Manfredo Hopp wrote: >> >> What would be the problem to have it cleartext in server. >> >> 2018-02-28 17:02 GMT-03:00 Kevin Liu <[email protected]>: >> >>> I'd like to do this because this ways, I won't have bindCredentials in >>> cleartext. >>> >>> On Tuesday, February 27, 2018 at 11:29:22 AM UTC-6, Kevin Liu wrote: >>>> >>>> Does anyone know how to reference the login page password in >>>> cas.properties? I know for username, you use %s but what about the >>>> password? >>>> >>> -- >>> - Website: https://apereo.github.io/cas >>> - Gitter Chatroom: https://gitter.im/apereo/cas >>> - List Guidelines: https://goo.gl/1VRrw7 >>> - Contributions: https://goo.gl/mh7qDG >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "CAS Community" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit https://groups.google.com/a/ap >>> ereo.org/d/msgid/cas-user/d18e508b-f92f-4cf9-bc2f-9125f629b0 >>> a0%40apereo.org >>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/d18e508b-f92f-4cf9-bc2f-9125f629b0a0%40apereo.org?utm_medium=email&utm_source=footer> >>> . >>> >> >> -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit https://groups.google.com/a/ > apereo.org/d/msgid/cas-user/96125d4a-859f-44b9-a8c9- > 028a625fccc1%40apereo.org > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/96125d4a-859f-44b9-a8c9-028a625fccc1%40apereo.org?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAMY5mifFXkZRKDZq7mJ7adh%2B7Nieh%3DxYRPNsY2OYsJosvTz2Qw%40mail.gmail.com.
