This is an automated email from the ASF dual-hosted git repository.
ilgrosso pushed a commit to branch 2_1_X
in repository https://gitbox.apache.org/repos/asf/syncope.git
commit 3f3b4a0636b75a08360c30620ed4d61affb9a3ae
Author: Colm O hEigeartaigh <cohei...@users.noreply.github.com>
AuthorDate: Wed May 26 07:42:57 2021 +0100
Updating the docs to make it clear that SHA1 is not the default algorithm
anymore for the admin password (#267)
---
src/main/asciidoc/getting-started/movingForward.adoc | 2 +-
.../systemadministration/configurationparameters.adoc | 2 +-
.../systemadministration/setadmincredentials.adoc | 4 ++--
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/main/asciidoc/getting-started/movingForward.adoc
b/src/main/asciidoc/getting-started/movingForward.adoc
index 1834986..e67373a 100644
--- a/src/main/asciidoc/getting-started/movingForward.adoc
+++ b/src/main/asciidoc/getting-started/movingForward.adoc
@@ -34,7 +34,7 @@ various security properties have been changed to values
specific to your deploym
The following values must be changed from the defaults in the
`security.properties` file:
-* *adminPassword* - The SHA1 hash evaluation of the cleartext password, the
default value of which is "password".
+* *adminPassword* - The cleartext password as encoded per the
"adminPasswordAlgorithm" value (SSHA256 by default), the default value of which
is "password".
* *secretKey* - The secret key value used for AES ciphering. Only required if
either:
** the value for "*adminPasswordAlgorithm*" is "AES" or
** the configuration parameter "password.cipher.algorithm" is changed to "AES"
(See section 4.6.14 "Configuration Parameters" of
diff --git
a/src/main/asciidoc/reference-guide/workingwithapachesyncope/systemadministration/configurationparameters.adoc
b/src/main/asciidoc/reference-guide/workingwithapachesyncope/systemadministration/configurationparameters.adoc
index 5aa46a5..5dedb84 100644
---
a/src/main/asciidoc/reference-guide/workingwithapachesyncope/systemadministration/configurationparameters.adoc
+++
b/src/main/asciidoc/reference-guide/workingwithapachesyncope/systemadministration/configurationparameters.adoc
@@ -26,7 +26,7 @@ barely invoking the REST layer through
http://curl.haxx.se/[curl^]:
algorithms include `SHA-1`, `SHA-256`, `SHA-512`, `AES`, `S-MD5`, `S-SHA-1`,
`S-SHA-256`, `S-SHA-512` and `BCRYPT`;
salting options are available in the `security.properties` file;
[WARNING]
-The value of the `secretKey` property in the `security.properties` file is
used for AES-based encryption / decription.
+The value of the `secretKey` property in the `security.properties` file is
used for AES-based encryption / decryption.
Besides password values, this is also used whenever reversible encryption is
needed, throughout the whole system. +
When the `secretKey` value has length less than 16, it is right-padded by
random characters during startup, to reach
such mininum value. +
diff --git
a/src/main/asciidoc/reference-guide/workingwithapachesyncope/systemadministration/setadmincredentials.adoc
b/src/main/asciidoc/reference-guide/workingwithapachesyncope/systemadministration/setadmincredentials.adoc
index 7a77099..9618da2 100644
---
a/src/main/asciidoc/reference-guide/workingwithapachesyncope/systemadministration/setadmincredentials.adoc
+++
b/src/main/asciidoc/reference-guide/workingwithapachesyncope/systemadministration/setadmincredentials.adoc
@@ -25,8 +25,8 @@ The credentials are defined in the `security.properties`
file; text encoding mus
* `adminUser` - administrator username (default `admin`)
* `adminPassword` - administrator password (default `password`)'s hashed value
-* `adminPasswordAlgorithm` - algorithm to be used for hash evaluation (default
`SHA1`, others as
-`SHA256`, `SHA512`, `SMD5`, `SSHA1`, `SSHA256`, `SSHA512` and `BCRYPT` are
supported)
+* `adminPasswordAlgorithm` - algorithm to be used for hash evaluation (default
`SSHA256`, also supported are
+`SHA1`, `SHA256`, `SHA512`, `SMD5`, `SSHA1`, `SSHA512` and `BCRYPT`)
.Generate SHA1 password value on GNU / Linux
====
