Re: Plaintext password in configuration files for Jetty and Webconsole

2016-04-24 Thread Carsten Ziegeler
Roland Tepp wrote
> Console (whether accessed over web or ssh) should be a trusted environment.
> If an untrusted user gains access to your console you have much more serious
> problems than access to some configuration options.
Well, sure - but don't forget that the web console allows to create a z

Re: Plaintext password in configuration files for Jetty and Webconsole

2016-04-24 Thread Karel Haeck
While it would certainly be good to have this feature out of the box, it can be implemented by registering a WebConsoleSecurityProvider service. For an example using declarative services and a PBKDF2 hash, see project com.amplifino.nestor.webconsole.security in repo https://github.com/Amplifin

Re: Plaintext password in configuration files for Jetty and Webconsole

2016-04-24 Thread Ferry Huberts
So thanks for all the replies. But especially for webconsole, the password can be a hash, much like is the /etc/passwd files on Unix systems. Would a feature request bug on this make any chance when I file it?
On 24/04/16 13:18, Roland Tepp wrote:
Console (whether accessed over web or ssh) s

Re: Plaintext password in configuration files for Jetty and Webconsole

2016-04-24 Thread Roland Tepp
Console (whether accessed over web or ssh) should be a trusted environment. If an untrusted user gains access to your console you have much more serious problems than access to some configuration options.
On Sun, 24 Apr 2016 at 02:29, Carsten Ziegeler wrote:
> Peter Kriens wrote
> > You could adjus

Re: Plaintext password in configuration files for Jetty and Webconsole

2016-04-23 Thread Carsten Ziegeler
Peter Kriens wrote
> You could adjust cm to recognize a macro and expand that macro to something
> local like a file, a system property, or an environment variable.
>
> That is how I solved it in the Configurer. Works very well on Travis that
> allows you to configure with encrypted data that is

Re: Plaintext password in configuration files for Jetty and Webconsole

2016-04-23 Thread peter . kriens
You could adjust cm to recognize a macro and expand that macro to something local like a file, a system property, or an environment variable. That is how I solved it in the Configurer. Works very well on Travis that allows you to configure with encrypted data that is decrypted as environment va

Re: Plaintext password in configuration files for Jetty and Webconsole

2016-04-23 Thread Carsten Ziegeler
Antonio Sanso wrote
> hi,
>
> I would actually have the same question?
>
> Is there anything can be done here? If not there is any plan to improve this?
> I might try to help out in this area providing a patch…
>
> Anyone :)?
>
Didn't we discuss some time back to have a crypt service and leav

Re: Plaintext password in configuration files for Jetty and Webconsole

2016-04-23 Thread Carsten Ziegeler
Ferry Huberts wrote
> Thanks Neil
>
> This is what I thought/feared.
>
> To me, at least the webconsole doesn't need a plaintext password and can
> use the same hashing mechanism the Unices use. Carsten?
>
Not sure I understand your question, what do you mean with "Unices"?
Regards
Carsten
--

Re: Plaintext password in configuration files for Jetty and Webconsole

2016-04-22 Thread Ferry Huberts
Thanks Neil
This is what I thought/feared.
To me, at least the webconsole doesn't need a plaintext password and can use the same hashing mechanism the Unices use. Carsten?
The keystore password would be more difficult.
On 22/04/16 23:34, Neil Bartlett wrote:
This is a tricky one… the compon

Re: Plaintext password in configuration files for Jetty and Webconsole

2016-04-22 Thread Neil Bartlett
This is a tricky one… the components need to receive the password in plaintext, and FileInstall does not support decryption. You could build a management agent that supports reading encrypted data, either at the individual field level or over the whole configuration file. You still have the pro

Re: Plaintext password in configuration files for Jetty and Webconsole

2016-04-22 Thread Antonio Sanso
hi,
I would actually have the same question?
Is there anything can be done here? If not there is any plan to improve this?
I might try to help out in this area providing a patch…
Anyone :)?
regards
antonio
On Apr 20, 2016, at 5:07 PM, Ferry Huberts wrote:
> Hi
>
> I use FileInstall to pus

Plaintext password in configuration files for Jetty and Webconsole

2016-04-20 Thread Ferry Huberts
Hi
I use FileInstall to push config into ConfigAdmin. Now for Jetty and WebConsole there are plaintext passwords in there and I could not find how to avoid that. Is there a way to avoid plaintext password? Below is an example.
org.apache.felix.http.cfg:
org.apache.felix.https.keystore.pass