[
https://issues.apache.org/jira/browse/RANGER-1644?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16242320#comment-16242320
]
Endre Kovacs commented on RANGER-1644:
--------------------------------------
Hi [~bosco]
# no, user passwords are *not* affected by this code change, only service users'
passwords. AFAIK regular, non-service user passwords are only hashed by
org.apache.ranger.biz.UserMgr.encrypt(String, String)
# un-affected
# Other places this decryption is taking place (besides the already mentioned
service create and service update) are:
* various places at ranger plugins:
** org.apache.ranger.plugin.client.BaseClient.login() to obtain loginSubject if
kerberos is used
** to programmatically log in using HTTPBasicAuth from ranger plugins (e.g.:
AtlasClient#getStatusResponse, KnoxClient#getTopologyList,
ServiceSolarClient#getCollection|Cores|FieldsList) to GET|POST plugin specific
data from the given component's rest api
For a complete list of affected places, see usage of method
org.apache.ranger.plugin.util.PasswordUtils.decryptPassword(String)
Best regards,
Endre
> Change the default Crypt Algo to use stronger cryptographic algo.
> ------------------------------------------------------------------
>
> Key: RANGER-1644
> URL: https://issues.apache.org/jira/browse/RANGER-1644
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
> Reporter: Selvamohan Neethiraj
> Assignee: Endre Kovacs
> Priority: Critical
> Attachments:
> 0001-RANGER-1644-replacing-MD5-DES-with-SHA512-AES128.patch
>
>
> Change the default crypt algorithm to use a stronger cipher algorithm