[jira] [Commented] (SYNCOPE-136) Password required for resource subscription

Fri, 08 Feb 2013 03:31:18 -0800 

    [ 
https://issues.apache.org/jira/browse/SYNCOPE-136?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13574406#comment-13574406
 ] 

Andrei Shakirin commented on SYNCOPE-136:
-----------------------------------------

Hi Francesco,

Could you please care about re-run ability also in new integration tests?
UserTestITCase.readWithMailAddressAsUserName() should look like:
    @Test
    public void readWithMailAddressAsUserName() {
        UserTO userTO = createUser(getUniqueSampleTO("m...@domain.org"));
        userTO = userService.read(userTO.getUsername());
        assertNotNull(userTO);
    }

Otherwise we will break fixed [1] again and again.

Regards,
Andrei.

[1] https://issues.apache.org/jira/browse/SYNCOPE-268


                
> Password required for resource subscription
> -------------------------------------------
>
>                 Key: SYNCOPE-136
>                 URL: https://issues.apache.org/jira/browse/SYNCOPE-136
>             Project: Syncope
>          Issue Type: Improvement
>            Reporter: Francesco Chicchiriccò
>            Assignee: Francesco Chicchiriccò
>             Fix For: 1.1.0
>
>
> Currently, cleartext password is always required when subscribing to a new 
> external resource.
> However, in some cases (for example when passwords are stored with some 
> symmetric algorithm) this can be avoided.
> For example, it could be:
> Case 1: 2-way (a.k.a. symmetric) password cipher algorithm is configured in 
> Syncope
> Use decrypted password from SyncopeUser to subscribe new resource.
> Case 2: 1-way (a.k.a. hash or asymmetric) password cipher algorithm is 
> configured in Syncope and no clear-text password is available (for example, 
> passed via UserMod or provided by a synchronizing resource)
> Provide, on a resource-basis, a mean to configure how new password should be 
> generated:
>  * constant
>  * random password generation (compliant with resource password policy, if 
> present - see SYNCOPE-121)
>  * provide custom Java class
> Discussion thread: 
> http://syncope-dev.1063484.n5.nabble.com/new-password-issue-td5589622.html

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to