[ 
https://issues.apache.org/jira/browse/USERGRID-1079?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Todd Nine updated USERGRID-1079:
--------------------------------
    Description: 
It is currently possible to migrate from a 1.0 installation to a 2.1 
installation via a RESTful client.  However, due to the inability to securely 
move password hashes, application users' passwords are not retained.   Add the 
following.

# In the 1.x branch, add the ability to retrieve the password hash.   This 
should only be allowed by the superuser.

# In 2.1-release, add the ability to write the password hash to an application 
user.  This should only be allowed by the superuser.


Note that the reason this is only allowed as a superuser is that we want to 
disable this functionality by default.  Any UG installation that is public 
facing should not have superuser enabled.  This allows us to disable this 
functionality in environments that are publicly available.



> Add 2 endpoints for password hash migration
> -------------------------------------------
>
>                 Key: USERGRID-1079
>                 URL: https://issues.apache.org/jira/browse/USERGRID-1079
>             Project: Usergrid
>          Issue Type: Story
>            Reporter: Todd Nine
>            Assignee: Todd Nine


