I think etc/users.properties gets encrypted when fuse 6.1 startup. So you can add the users with cleartext password, but fuse should resave the file with encrypted passwords.
You can edit
encryption.enabled = false
encryption.enabled = true
then the clear plain text password would be encrypted.
I am trying to add with Ant a new user encrypted in the users.properties.
As I have seen in the $JBOSS_FUSE/etc/org.apache.karaf.jaas.cfg by default the encryption algorithm is MD5 and the encoding is hexadecimal.
So I tried then
MessageDigest md = MessageDigest.getInstance("MD5"); //Add password bytes to digest md.update(password.getBytes()); //Get the hash's bytes byte bytes = md.digest(); //Get complete hashed password in hex format generatedPassword = new String(Hex.encodeHex(bytes));
This generates an encryption that is different than the encryption generated using the karaf console, jaas:adduser command.
Could you tell me how this encryption is done internally by fuse, to make exactly the same encryption?
Yeah its open source, so try to find the spot in the code where its done.
Could you provide me a link to the fuse jaas adduser command class,? Because sincerely I couldn't find it.
Its in Apache Karaf