Re: Can't change password.cipher.algorithm into AES in console configuration

Mon, 27 Oct 2014 11:11:32 -0700 

Thx, workaround 1 did the job! ;)

Regards,
Martin

On Mon, Oct 27, 2014 at 1:39 PM, Francesco Chicchiriccò
<ilgro...@apache.org> wrote:
> On 27/10/2014 13:17, Martin van Es wrote:
>>
>> Hi,
>>
>> I've just started looking at Syncope again and installed 1.2.0 from
>> debian packages on a fresh ubuntu 14.04LTS server. All works well, and
>> I'm able to propagate a test user to a test OpenLDAP server, but not
>> without reentering the user's password.
>>
>> I thought Syncope had acquired possibility to 2-way encrypt syncope
>> password with AES so that it could be propagated?
>>
>> When I look at the Syncope configuration parameters in console, I see
>> password.cipher.algorithm set to SHA1, so that probably should be set
>> to AES. But whenever I do that and click "save", when I return to the
>> configuration page, it's set to SHA1 again. I found the corresponding
>> setting in content.xml in the syncope/WEB-INF/class directory, but
>> changing that to AES and restarting tomcat didn't help either (still
>> SHA1).
>>
>> What am I doing wrong?
>
>
> Hi Martin,
> you are right, using AES to propagate password values without re-entering is
> supported since 1.1.0 [1].
>
> The problem you are experiencing ATM is SYNCOPE-576 [2] whose fix is planned
> for 1.2.1.
>
> The content.xml is transferred to the actual database only when no
> pre-existing content is found on it, so here's why you keep seeing SHA1;
> should you need to change any configuration file, please consider that using
> Syncope 1.2.0 DEB packages you can just go and modify it under
> /etc/apache-syncope, then restart Tomcat.
>
> While waiting for SYNCOPE-576 you still have option to
>
>  1. change this value via REST (see reference [3] for more information) -
> e.g. via
>
> curl -u admin:password -X PUT -H "Content-Type: application/json" -H
> "Accept: application/json" -d '{"values": ["AES"]}'
> http://host.port/syncope/rest/configurations/password.cipher.algorithm
>
>  2. change this value in the underlying database table and restart Tomcat
>
> HTH
> Regards.
>
> [1] https://issues.apache.org/jira/browse/SYNCOPE-136
> [2] https://issues.apache.org/jira/browse/SYNCOPE-576
> [3] http://syncope.apache.org/rest/1.2/index.html
>
> --
> Francesco Chicchiriccò
>
> Tirasa - Open Source Excellence
> http://www.tirasa.net/
>
> Involved at The Apache Software Foundation:
> member, Syncope PMC chair, Cocoon PMC, Olingo PMC
> http://people.apache.org/~ilgrosso/
>
>



-- 
If 'but' was any useful, it would be a logic operator

Reply via email to