[
https://issues.apache.org/jira/browse/KARAF-34?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12907216#action_12907216
]
Jean-Baptiste Onofré commented on KARAF-34:
-------------------------------------------
After thinking again about this, it's not easy to implement the encryption
login in the AbstractKarafLoginModule as the login() method is delegated to
each login module. The encryption login should be located in the login() method.
The "common" part between all login module is that they call passwordCallback()
in the login() method to get the password provided by the user.
I propose to make a kind of encryptedPasswordCallback() on top of the
passwordCallback(). It will get the plain password provided by the user and
crypt using the crypt algorithm defined as attribute of the
AbstractKarafLoginModule.
Like this, each login module which uses the encryptedPasswordCallback() in
place of passwordCallback() will get encrypted password.
> Provide a way to have passwords encrypted and not in clear in the
> configuration files
> -------------------------------------------------------------------------------------
>
> Key: KARAF-34
> URL: https://issues.apache.org/jira/browse/KARAF-34
> Project: Karaf
> Issue Type: New Feature
> Reporter: Guillaume Nodet
> Assignee: Jean-Baptiste Onofré
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
