Yes, When we send password to the server It should not be in plain text and should be encrypted.
Pls see the solution they are referring on this link -http://stackoverflow.com/questions/10579228/java-text-modification-on-jsp How do we implement this with CAS? Thanks. On Wednesday, September 24, 2014 5:17:35 PM UTC+5:30, Stefan Paetow wrote: > > I think he refers to the client side (the browser) encrypting the > password, shipping that through to the server, and the server decrypting > it. > > S. > > > -----Original Message----- > > From: Marvin Addison [mailto:marvin....@gmail.com <javascript:>] > > Sent: 24 September 2014 12:38 > > To: cas-...@lists.jasig.org <javascript:> > > Subject: Re: [cas-user] client side password encryption > > > > > How do we enable client side password encryption and then server side > > > decryption in CAS. Any suggestions/hint will be really helpful. > > > > Can you clarify what you mean by "password encryption"? Encryption of > > credentials used in configuration files (i.e. ldap/database password)? > > > > M > > > > -- > > You are currently subscribed to cas-...@lists.jasig.org <javascript:> > as: > > stefan...@ja.net <javascript:> > > To unsubscribe, change settings or access archives, see http://www.ja- > > sig.org/wiki/display/JSG/cas-user > > Janet(UK) is a trading name of Jisc Collections and Janet Limited, a > not-for-profit company which is registered in England under No. 2881024 > and whose Registered Office is at Lumen House, Library Avenue, > Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. 614944238 > > > -- > You are currently subscribed to cas-...@lists.jasig.org <javascript:> as: > jasig-cas-user...@googlegroups.com <javascript:> > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
