[jira] [Commented] (KARAF-5014) First role of group definition in users.properties missing

Fri, 18 Apr 2025 04:14:21 -0700 


    [ 
https://issues.apache.org/jira/browse/KARAF-5014?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17945652#comment-17945652
 ] 

ASF GitHub Bot commented on KARAF-5014:
---------------------------------------

stataru8 commented on code in PR #1863:
URL: https://github.com/apache/karaf/pull/1863#discussion_r1778852624


##########
jaas/modules/src/main/java/org/apache/karaf/jaas/modules/properties/PropertiesBackingEngine.java:
##########
@@ -52,14 +52,13 @@ public void addUser(String username, String password) {
         if (username.startsWith(GROUP_PREFIX))
             throw new IllegalArgumentException("Prefix not permitted: " + 
GROUP_PREFIX);
 
-        addUserInternal(username, password);
+        addUserInternal(username, encryptionSupport.encrypt(password));

Review Comment:
   I just moved this call from its original location in `addUserInternal`:
   
https://github.com/apache/karaf/blob/e9b9c973569596c8931cc4e8f7d62744d9c3ede5/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/properties/PropertiesBackingEngine.java#L62
   
   The call is only needed when adding a user and shouldn't be made when adding 
a group: 
https://github.com/apache/karaf/blob/c01d0bc4fe1a52859453b8fe69c2c306690769a3/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/properties/PropertiesBackingEngine.java#L262
 There is the risk of encrypting `""`, which with the defaults, results in 
`{CRYPT}ABC...{CRYPT}`. After `jaas:group-add karaf newGrup`, 
   `jaas:user-list` will return 
   ```
   User Name | Group   | Role
   
----------+---------+-------------------------------------------------------------------------------
   karaf     | newGrup | {CRYPT}ABC...{CRYPT}
   ```
   
   ~~Maybe at this point, we should create another `addUserInternal` with just 
the `username` as an argument: `private void addUserInternal(String username)`, 
or another function just for groups...~~





> First role of group definition in users.properties missing 
> -----------------------------------------------------------
>
>                 Key: KARAF-5014
>                 URL: https://issues.apache.org/jira/browse/KARAF-5014
>             Project: Karaf
>          Issue Type: Bug
>          Components: karaf
>    Affects Versions: 4.0.4
>            Reporter: Andre Schlegel-Tylla
>            Assignee: Jean-Baptiste Onofré
>            Priority: Major
>
> The first role of an group got lost in role list:
> {code}
> bpcadmin = {CRYPT}...{CRYPT},bpcadmin,_g_\:zauberer,_g_\:masterdata
> _g_\:masterdata = VAM-administrator,VAM_organization_12001,wosinddieweiteren
> _g_\:zauberer=erstefehlt,abracadabra,simsalabim,sesamoeffnedich,hexhex
> {code}
> The roles "VAM-administrator" and "erstefehlt" are not listet on user 
> "bpcadmin".



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to