[
https://issues.apache.org/jira/browse/USERGRID-1079?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14981314#comment-14981314
]
ASF GitHub Bot commented on USERGRID-1079:
------------------------------------------
GitHub user tnine opened a pull request:
https://github.com/apache/usergrid/pull/419
Usergrid 1079 2x
Cherry picks branch from USERGRID-1079-1x into this branch, also adds PUT
functionality, and tests the password GET + PUT works correctly
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/apache/usergrid USERGRID-1079-2x
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/usergrid/pull/419.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #419
----
commit 5ed8c7ce14d253ba04dfad48d239a0e11bf1a33c
Author: Todd Nine <[email protected]>
Date: 2015-10-29T18:36:21Z
Adds the ability to PUT credentials as a superuser
commit 08e978132375751caf90ebcffde7a20d5e84b206
Author: Todd Nine <[email protected]>
Date: 2015-10-28T21:27:36Z
Adds the ability to get credentials info as superuser for user migration
commit 7fc7c55b7839ff9ba5a71b1c3d74a095c27f49ff
Author: Todd Nine <[email protected]>
Date: 2015-10-29T19:56:14Z
Updated call for new read api in 2.0
commit 4784b34f3342b32639ee23beb9ccafa9a5443ed0
Author: Todd Nine <[email protected]>
Date: 2015-10-29T18:37:31Z
Fixes GET + PUT for credentials info
commit ba629da577235c0c9bedf4addcb44bfb5fdbdccb
Author: Todd Nine <[email protected]>
Date: 2015-10-29T21:25:42Z
Adds test to prove functionality of GET + PUT
----
> Add 2 endpoints for password hash migration
> -------------------------------------------
>
> Key: USERGRID-1079
> URL: https://issues.apache.org/jira/browse/USERGRID-1079
> Project: Usergrid
> Issue Type: Story
> Reporter: Todd Nine
> Assignee: Todd Nine
>
> It is currently possible to migrate from a 1.0 installation to a 2.1
> installation via a RESTful client. However, due to the inability to securely
> move password hashes, application user's passwords are not retained. Add
> the following.
> # In the 1.x branch, add the ability to retrieve the password hash. This
> should only be allowed by the superuser.
> # In 2.1-release, add the ability to write the password hash to an
> application user. This should only be allowed by the superuser.
> Note that the reason this is only allowed as a superuser is that we want to
> disable this functionality by default. Any UG installation that is public
> facing should not have superuser enable. This allows us to disable this
> functionality in environments that are publicly available environments.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
