Jean-Baptiste Onofré created KARAF-2755:
-------------------------------------------
Summary: Encrypt password mechanism pollutes the group
Key: KARAF-2755
URL: https://issues.apache.org/jira/browse/KARAF-2755
Project: Karaf
Issue Type: Bug
Components: karaf-security
Reporter: Jean-Baptiste Onofré
Assignee: Jean-Baptiste Onofré
Fix For: 2.4.0, 3.0.1
By enabling the encryption (in etc/org.apache.karaf.jaas.cfg), Karaf ignores if
we talk about users or groups, and so encrypts the groups, resulting to
something like this in etc/users.properties:
{code}
karaf = {CRYPT}e7ebf747769e8522b52d1bf47f718788{CRYPT},_g_:admingroup
_g_\:admingroup =
{CRYPT}db0f6f37ebeb6ea09489124345af2a45{CRYPT},admin,manager,viewer
{code}
The encryption service should check if the considered line is an user or a
group, and just crypts the user passwords.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
