-
1. Re: password vault instead of clear user credentials
davsclaus Jul 14, 2014 2:58 PM (in response to virchete)I think etc/users.properties gets encrypted when fuse 6.1 startup. So you can add the users with cleartext password, but fuse should resave the file with encrypted passwords.
-
2. Re: password vault instead of clear user credentials
ffang Jul 15, 2014 6:02 AM (in response to virchete)Hi,
You can edit
$JBOSS_FUSE/etc/org.apache.karaf.jaas.cfg
change
encryption.enabled = false
to
encryption.enabled = true
then the clear plain text password would be encrypted.
Freeman
-
3. Re: password vault instead of clear user credentials
virchete Jul 28, 2014 7:58 AM (in response to ffang)Hi,
I am trying to add with Ant a new user encrypted in the users.properties.
As I have seen in the $JBOSS_FUSE/etc/org.apache.karaf.jaas.cfg by default the encryption algorithm is MD5 and the encoding is hexadecimal.
So I tried then
MessageDigest md = MessageDigest.getInstance("MD5"); //Add password bytes to digest md.update(password.getBytes()); //Get the hash's bytes byte[] bytes = md.digest(); //Get complete hashed password in hex format generatedPassword = new String(Hex.encodeHex(bytes)); This generates an encryption that is different than the encryption generated using the karaf console, jaas:adduser command.
Could you tell me how this encryption is done internally by fuse, to make exactly the same encryption?
Thanks
-
4. Re: password vault instead of clear user credentials
davsclaus Jul 28, 2014 8:06 AM (in response to virchete)Yeah its open source, so try to find the spot in the code where its done.
-
5. Re: password vault instead of clear user credentials
virchete Jul 28, 2014 8:14 AM (in response to davsclaus)Could you provide me a link to the fuse jaas adduser command class,? Because sincerely I couldn't find it.
Thanks
-
6. Re: password vault instead of clear user credentials
davsclaus Jul 28, 2014 9:21 AM (in response to virchete)Its in Apache Karaf