[ https://issues.apache.org/jira/browse/RANGER-1644?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16242320#comment-16242320
]
Endre Kovacs commented on RANGER-1644:
--------------------------------------
Hi [~bosco]
# no, user passwors are *not* affected by this code change, only service user's passwords.
AFAIK regular, non-service user passwords are only hashed by org.apache.ranger.biz.UserMgr.encrypt(String,
String)
# un-affected
# Other places this decryption is taking place (besides the already mentioned service create
and service update) are:
* various places at ranger plugins:
** org.apache.ranger.plugin.client.BaseClient.login() to obtain loginSubject if kerberos is
used
** to programmatically log in using HTTPBasicAuth from ranger plugins (eg.: AtlasClient#getStatusResponse,
KnoxClient#getTopologyList, ServiceSolarClient#getCollection|Cores|FieldsList) to GET|POST
plugin specific data from the given component's rest api
for a complete list of affected places, see usage of method org.apache.ranger.plugin.util.PasswordUtils.decryptPassword(String)
Best regards,
Endre
> Change the default Crypt Algo to use stronger cryptographic algo.
> ------------------------------------------------------------------
>
> Key: RANGER-1644
> URL: https://issues.apache.org/jira/browse/RANGER-1644
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
> Reporter: Selvamohan Neethiraj
> Assignee: Endre Kovacs
> Priority: Critical
> Attachments: 0001-RANGER-1644-replacing-MD5-DES-with-SHA512-AES128.patch
>
>
> Change the default crypt algorithm to use a stronger cipher algorithm
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
|