On 27/10/2014 13:17, Martin van Es wrote:
Hi,
I've just started looking at Syncope again and installed 1.2.0 from
debian packages on a fresh ubuntu 14.04LTS server. All works well, and
I'm able to propagate a test user to a test OpenLDAP server, but not
without reentering the user's password.
I thought Syncope had acquired possibility to 2-way encrypt syncope
password with AES so that it could be propagated?
When I look at the Syncope configuration parameters in console, I see
password.cipher.algorithm set to SHA1, so that probably should be set
to AES. But whenever I do that and click "save", when I return to the
configuration page, it's set to SHA1 again. I found the corresponding
setting in content.xml in the syncope/WEB-INF/class directory, but
changing that to AES and restarting tomcat didn't help either (still
SHA1).
What am I doing wrong?
Hi Martin,
you are right, using AES to propagate password values without
re-entering is supported since 1.1.0 [1].
The problem you are experiencing ATM is SYNCOPE-576 [2] whose fix is
planned for 1.2.1.
The content.xml is transferred to the actual database only when no
pre-existing content is found on it, so here's why you keep seeing SHA1;
should you need to change any configuration file, please consider that
using Syncope 1.2.0 DEB packages you can just go and modify it under
/etc/apache-syncope, then restart Tomcat.
While waiting for SYNCOPE-576 you still have option to
1. change this value via REST (see reference [3] for more information)
- e.g. via
curl -u admin:password -X PUT -H "Content-Type: application/json" -H
"Accept: application/json" -d '{"values": ["AES"]}'
http://host.port/syncope/rest/configurations/password.cipher.algorithm
2. change this value in the underlying database table and restart Tomcat
HTH
Regards.
[1] https://issues.apache.org/jira/browse/SYNCOPE-136
[2] https://issues.apache.org/jira/browse/SYNCOPE-576
[3] http://syncope.apache.org/rest/1.2/index.html
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Involved at The Apache Software Foundation:
member, Syncope PMC chair, Cocoon PMC, Olingo PMC
http://people.apache.org/~ilgrosso/
