Sorry, wrong issue linked (SYNCOPE-122): SYNCOPE-136 is the correct one. On 16/10/2012 13:23, Jan Bernhardt (JIRA) wrote: > [ > https://issues.apache.org/jira/browse/SYNCOPE-223?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13476921#comment-13476921 > ] > > Jan Bernhardt commented on SYNCOPE-223: > --------------------------------------- > > Hi Francesco, > > Why did you marked this jira issue as duplicate to SYNCOPE-122 ? > > From my view these tickets are not duplicates. > > SYNCOPE-122 focuses on Password changes in external systems, whereas > SYNCOPE-223 talks about publishing passwords to external systems. > The challenge in SYNCOPE-122 is to detect password changes, whereas in > SYNCOPE-223 you don't even want to change your password. > As far as I understood SYNCOPE-223, the goal is to propagate passwords to > (newly added) external systems, without the need to re-enter a user's > password. > This could be quite important for a usecase, when you have already hundreds > of users active in syncope and if you need to propagate those user accounts > to another (new) resource (e.g. SSO purposes). Currently an administrator > would have to set a new password for all users, to be able to add a new > resource to that account. And then all users need to be informed about their > new password and must change it. But if the password is available in syncope > (because of a symmetric encryption), all users could keep their current > password and still be propagated to another resource. > > Best regards > Jan > > > >> Allow new resources subscription without password using AES or other >> Symmetric Algorithms >> ----------------------------------------------------------------------------------------- >> >> Key: SYNCOPE-223 >> URL: https://issues.apache.org/jira/browse/SYNCOPE-223 >> Project: Syncope >> Issue Type: Improvement >> Components: core >> Reporter: Denis Signoretto >> Priority: Critical >> >> Related to http://code.google.com/p/syncope/issues/detail?id=264 >> Scenario: an user is subscribing to a new resource (e.g. has a new role >> subscribing new resources) >> Case 1: 2-way (a.k.a. symmetric) password cipher algorithm is configured in >> Syncope >> Use decrypted password from SyncopeUser to subscribe new resource. >> Case 2: 1-way (a.k.a. hash or asymmetric) password cipher algorithm is >> configured in Syncope and no clear-text password is available (for example, >> passed via UserMod or provided by a synchronizing resource) >> Provide, on a resource-basis, a mean to configure how new password should be >> generated: >> * constant >> * random password generation (compliant with resource password policy, if >> present - see issue 218 ) >> * provide custom Java class > -- > This message is automatically generated by JIRA. > If you think it was sent incorrectly, please contact your JIRA administrators > For more information on JIRA, see: http://www.atlassian.com/software/jira
-- Francesco Chicchiriccò ASF Member, Apache Cocoon PMC and Apache Syncope PPMC Member http://people.apache.org/~ilgrosso/
