directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stefan Seelmann (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DIRSTUDIO-1089) Cannot set plain text password if current is encrypted
Date Mon, 22 Feb 2016 10:24:18 GMT

    [ https://issues.apache.org/jira/browse/DIRSTUDIO-1089?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15156736#comment-15156736
] 

Stefan Seelmann commented on DIRSTUDIO-1089:
--------------------------------------------

When hashing interceptor is disabled then hashing is done only by client (DirStudio).
When hashing interceptor is enabled then there are two cases: If client hashes the password
then the server doesn't change it. If client just sends plaintext then the server hashes it.

I didn't know that there is a setting in the configuration editor for that ;). However on
a new created server the checkbox is diabled while the interceptor is enabled. I think that's
because by default the new ConfigurableHashingInterceptor class is used in the server but
the configuration editor doesn't know that.


> Cannot set plain text password if current is encrypted
> ------------------------------------------------------
>
>                 Key: DIRSTUDIO-1089
>                 URL: https://issues.apache.org/jira/browse/DIRSTUDIO-1089
>             Project: Directory Studio
>          Issue Type: Bug
>          Components: studio-ldapbrowser
>    Affects Versions: 2.0.0-M10 (2.0.0.v20151221-M10)
>         Environment: Windows 7 Pro 64bit, Eclipse Mars 4.5.1 64bit, JDK 1.8.0_66 64bit
>            Reporter: Alberto Mozzone
>             Fix For: 2.0.0-M11
>
>         Attachments: eclipse_ldap_conf.png
>
>
> Cannot set a plain text password if the current is encrypted (whatever algorithm).
> Steps to repeat:
> # create an "inetOrgPerson"
> # add the "userPassword" attribute, set a "Plain text" password, save
> # edit "userPassword" value
> # in the "New Password" tab, enter a password (may be the very same) in "Enter New Password"
and "Confirm New Password"; in "Select Hash Method" choose an algorithm different than "Plain
Text" (I used "SHA" and "SSHA-512"); finally press "OK"
> # edit "userPassword" value again
> # in the "New Password" tab, enter a password (may be the very same) in "Enter New Password"
and "Confirm New Password"; in "Select Hash Method" choose "Plain Text"; finally press "OK"
> # the entry shows that the algorithm is not "Plain Text"



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message