Karaf 4.4.5
The documentation to enable password encryption for the PropertiesLoginModule
does not result in encryption passwords in the properties files. The
encryption prefix and suffix configuration properties must be set in the
jaas:module blueprint descriptor.
https://karaf.apache.org/manual/latest/#_encryption_service
Is the requirement to define encryption.prefix and encryption.suffix in
jaas:module missing from the documentation?
Are the encryption.prefix and encryption.suffix not correctly defaulted?
The following encrypts passwords user passwords
***
* deploy/foo_realm.xml
***
<?xml version="1.0" encoding="UTF-8"?>
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0";
xmlns:jaas="http://karaf.apache.org/xmlns/jaas/v1.0.0";
xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0";>
<!-- Bean to allow the $[karaf.base] property to be correctly resolved -->
<ext:property-placeholder placeholder-prefix="$[" placeholder-suffix="]"/>
<jaas:config name="foo">
<jaas:module
className="org.apache.karaf.jaas.modules.properties.PropertiesLoginModule"
flags="required">
users = $[karaf.base]/etc/foo.users.properties
encryption.enabled = true
encryption.prefix = ENC(
encryption.suffix = )
encryption.algorithm = MD5
encryption.encoding = hexadecimal
</jaas:module>
</jaas:config>
</blueprint>
***
* etc/foo.users.properties
***
foo = ENC(37B51D194A7513E45B56F6524F2D51F2)
Paul Spencer
