I guess the easiest would be physical access. There are other various intrusion methods too.
On Wednesday, February 28, 2018 at 3:29:40 PM UTC-6, Manfredo Hopp wrote: > > How should the server be compromised. > > 2018-02-28 18:12 GMT-03:00 Kevin Liu <[email protected] <javascript:>>: > >> Should the server be compromised, attackers can grab AD credentials and >> then verify all accounts with compromised credentials. >> >> My solution to this is to not have clear text (seems genius right? ;) ). >> According to one of CAS's blogs, >> https://apereo.github.io/2017/03/24/cas51-ldapauthnjasypt-tutorial/, >> jasypt is the method to use. >> >> On Wednesday, February 28, 2018 at 3:02:15 PM UTC-6, Manfredo Hopp wrote: >>> >>> What would be the problem to have it cleartext in server. >>> >>> 2018-02-28 17:02 GMT-03:00 Kevin Liu <[email protected]>: >>> >>>> I'd like to do this because this ways, I won't have bindCredentials in >>>> cleartext. >>>> >>>> On Tuesday, February 27, 2018 at 11:29:22 AM UTC-6, Kevin Liu wrote: >>>>> >>>>> Does anyone know how to reference the login page password in >>>>> cas.properties? I know for username, you use %s but what about the >>>>> password? >>>>> >>>> -- >>>> - Website: https://apereo.github.io/cas >>>> - Gitter Chatroom: https://gitter.im/apereo/cas >>>> - List Guidelines: https://goo.gl/1VRrw7 >>>> - Contributions: https://goo.gl/mh7qDG >>>> --- >>>> You received this message because you are subscribed to the Google >>>> Groups "CAS Community" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> To view this discussion on the web visit >>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/d18e508b-f92f-4cf9-bc2f-9125f629b0a0%40apereo.org >>>> >>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/d18e508b-f92f-4cf9-bc2f-9125f629b0a0%40apereo.org?utm_medium=email&utm_source=footer> >>>> . >>>> >>> >>> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/96125d4a-859f-44b9-a8c9-028a625fccc1%40apereo.org >> >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/96125d4a-859f-44b9-a8c9-028a625fccc1%40apereo.org?utm_medium=email&utm_source=footer> >> . >> > > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/c8eb47aa-de90-43ed-9361-26d47463d3f3%40apereo.org.
