-
1. Re: password vault instead of clear user credentials
I think etc/users.properties gets encrypted when fuse 6.1 startup. So you can add the users with cleartext password, but fuse should resave the file with encrypted passwords.
-
2. Re: password vault instead of clear user credentials
Hi,
You can edit
$JBOSS_FUSE/etc/org.apache.karaf.jaas.cfg
change
encryption.enabled = false
to
encryption.enabled = true
then the clear plain text password would be encrypted.
Freeman
-
3. Re: password vault instead of clear user credentials
Hi,
I am trying to add with Ant a new user encrypted in the users.properties.
As I have seen in the $JBOSS_FUSE/etc/org.apache.karaf.jaas.cfg by default the encryption algorithm is MD5 and the encoding is hexadecimal.
So I tried then
MessageDigest md = MessageDigest.getInstance("MD5"); //Add password bytes to digest md.update(password.getBytes()); //Get the hash's bytes byte[] bytes = md.digest(); //Get complete hashed password in hex format generatedPassword = new String(Hex.encodeHex(bytes)); This generates an encryption that is different than the encryption generated using the karaf console, jaas:adduser command.
Could you tell me how this encryption is done internally by fuse, to make exactly the same encryption?
Thanks
-
4. Re: password vault instead of clear user credentials
Yeah its open source, so try to find the spot in the code where its done.
-
5. Re: password vault instead of clear user credentials
Could you provide me a link to the fuse jaas adduser command class,? Because sincerely I couldn't find it.
Thanks
-