I guess the easiest would be physical access. There are other various intrusion methods too.
On Wednesday, February 28, 2018 at 3:29:40 PM UTC-6, Manfredo Hopp wrote: > > How should the server be compromised. > > 2018-02-28 18:12 GMT-03:00 Kevin Liu <annih...@gmail.com <javascript:>>: > >> Should the server be compromised, attackers can grab AD credentials and >> then verify all accounts with compromised credentials. >> >> My solution to this is to not have clear text (seems genius right? ;) ). >> According to one of CAS's blogs, >> https://apereo.github.io/2017/03/24/cas51-ldapauthnjasypt-tutorial/, >> jasypt is the method to use. >> >> On Wednesday, February 28, 2018 at 3:02:15 PM UTC-6, Manfredo Hopp wrote: >>> >>> What would be the problem to have it cleartext in server. >>> >>> 2018-02-28 17:02 GMT-03:00 Kevin Liu <annih...@gmail.com>: >>> >>>> I'd like to do this because this ways, I won't have bindCredentials in >>>> cleartext. >>>> >>>> On Tuesday, February 27, 2018 at 11:29:22 AM UTC-6, Kevin Liu wrote: >>>>> >>>>> Does anyone know how to reference the login page password in >>>>> cas.properties? I know for username, you use %s but what about the >>>>> password? >>>>> >>>> -- >>>> - Website: https://apereo.github.io/cas >>>> - Gitter Chatroom: https://gitter.im/apereo/cas >>>> - List Guidelines: https://goo.gl/1VRrw7 >>>> - Contributions: https://goo.gl/mh7qDG >>>> --- >>>> You received this message because you are subscribed to the Google >>>> Groups "CAS Community" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to cas-user+u...@apereo.org. >>>> To view this discussion on the web visit >>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/d18e508b-f92f-4cf9-bc2f-9125f629b0a0%40apereo.org >>>> >>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/d18e508b-f92f-4cf9-bc2f-9125f629b0a0%40apereo.org?utm_medium=email&utm_source=footer> >>>> . >>>> >>> >>> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to cas-user+u...@apereo.org <javascript:>. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/96125d4a-859f-44b9-a8c9-028a625fccc1%40apereo.org >> >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/96125d4a-859f-44b9-a8c9-028a625fccc1%40apereo.org?utm_medium=email&utm_source=footer> >> . >> > > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/c8eb47aa-de90-43ed-9361-26d47463d3f3%40apereo.org.
