Hi Jochen,
just update to Karaf 3.0.3, you will have a thread that now encrypt
passwords "on the fly", no need to logon anymore.
Regards
JB
On 05/18/2015 03:42 PM, jkraushaar wrote:
Hi there,
we are using Karaf 3.0.1 and the default authentication with encrypted
passwords for the console. According to the manual (and our own
observations) the password in users.properties becomes encrypted when a
client connects to the console for the first time.
If you start Karaf using bin/start and do not use a client to connect to the
console, the password never becomes encrypted, which - in my opinion - is a
security issue. As a workaround it is possible to store an already encrypted
password in users.properties.
Is it possible to encrypt the password when Karaf starts (instead of first
client login)?
Regards
Jochen
--
View this message in context:
http://karaf.922171.n3.nabble.com/Password-encryption-when-Karaf-3-0-1-starts-tp4040432.html
Sent from the Karaf - User mailing list archive at Nabble.com.
--
Jean-Baptiste Onofré
[email protected]
http://blog.nanthrax.net
Talend - http://www.talend.com
