karaf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jean-Baptiste Onofré (JIRA) <j...@apache.org>
Subject [jira] [Comment Edited] (KARAF-3625) Password encryption doesn't work
Date Mon, 06 Apr 2015 06:53:12 GMT

    [ https://issues.apache.org/jira/browse/KARAF-3625?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14481001#comment-14481001
] 

Jean-Baptiste Onofré edited comment on KARAF-3625 at 4/6/15 6:52 AM:
---------------------------------------------------------------------

The encryption works fine with karaf-2.x, just a small warn in the log:

{code}
2015-04-06 08:50:23,629 | WARN  | 1]-nio2-thread-6 | EventAdminAuditLoginModule       | ?
                                  ? | 16 - org.apache.karaf.jaas.modules - 2.4.2.SNAPSHOT
| Unable to send security auditing EventAdmin events: java.lang.NoClassDefFoundError: org/osgi/service/event/EventAdmin
{code}

Nothing major as the EventAdmin feature is not installed.

We can also see the "same" race condition:

{code}
Exception in thread "Timer-0" java.lang.IllegalStateException: No encryption service found.
Please install the Karaf encryption feature and check that the encryption algorithm is supported..
        at org.apache.karaf.jaas.modules.encryption.EncryptionSupport.getEncryption(EncryptionSupport.java:88)
        at org.apache.karaf.jaas.modules.properties.AutoEncryptionSupport.getEncryptedPassword(AutoEncryptionSupport.java:117)
        at org.apache.karaf.jaas.modules.properties.AutoEncryptionSupport.encryptedPassword(AutoEncryptionSupport.java:92)
        at org.apache.karaf.jaas.modules.properties.AutoEncryptionSupport$1.run(AutoEncryptionSupport.java:64)
        at java.util.TimerThread.mainLoop(Timer.java:555)
        at java.util.TimerThread.run(Timer.java:505)
{code}


was (Author: jbonofre):
The encryption works fine with karaf-2.x, just a small warn in the log:

{code}
2015-04-06 08:50:23,629 | WARN  | 1]-nio2-thread-6 | EventAdminAuditLoginModule       | ?
                                  ? | 16 - org.apache.karaf.jaas.modules - 2.4.2.SNAPSHOT
| Unable to send security auditing EventAdmin events: java.lang.NoClassDefFoundError: org/osgi/service/event/EventAdmin
{code}

Nothing major as the EventAdmin feature is not installed.

> Password encryption doesn't work
> --------------------------------
>
>                 Key: KARAF-3625
>                 URL: https://issues.apache.org/jira/browse/KARAF-3625
>             Project: Karaf
>          Issue Type: Bug
>          Components: karaf-security
>    Affects Versions: 3.0.3, 2.3.8, 2.3.9, 2.3.10, 4.0.0.M2
>            Reporter: Jean-Baptiste Onofré
>            Assignee: Jean-Baptiste Onofré
>            Priority: Critical
>             Fix For: 2.4.2, 3.0.4, 2.3.11
>
>
> With encryption.enabled=true in etc/org.apache.karaf.jaas.cfg configuration file, Karaf
should encrypt the password in etc/users.properties (prefixing and suffixing with {CRYPT}
keyword).
> However, the password are not encrypted in the etc/users.properties.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message