Red Hat Fuse / ENTESB-3643

Regression: user password Jasypt encryption does not work any more


    • Bug
    • Resolution: Won't Do
    • Major
    • jboss-fuse-6.2.1
    • jboss-fuse-6.2
    • Security
    • None

      1. Unzip A-MQ 6.2.0
      2. Install the jasypt-encryption feature:
         • run bin/karaf
         • features:install jasypt-encryption
         • exit
      3. Enable the admin/admin user by un-commenting the last line of etc/users.properties file
      4. Have the JAAS Properties module deployed:
         • copy the attached plm2.xml Blueprint file to the "deploy" directory
      5. Run bin/start
      6. Connect via SSH: ssh -l admin -p 8101 [host] , and enter password "admin"
      7. Login succeeds.
      8. Look at etc/users.properties file: the admin password has not been automatically encrypted as a value starting and ending with {CRYPT}

      For A-MQ 6.1.0, repeat the same steps:
      1. Unzip A-MQ 6.1.0
      .. ..
      8. Look at etc/users.properties file: the admin password *has been* automatically encrypted as a value starting and ending with {CRYPT}

      Encrypting user passwords in a user properties file using Jasypt and a custom JAAS module (as described in Security Guide chap.2.1.8) does not work any more in A-MQ 6.2.0.

      In A-MQ 6.1.0, passwords are actually automatically encrypted at first logon, i.e. the feature works OK. It does not work in A-MQ 6.2.0.

        1. plm2-new.xml (2 kB)
        2. plm2.xml (1 kB)

              yfang@redhat.com Freeman(Yue) Fang
              rhn-support-lakagwu Lami Akagwu
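
A check for step 8 of the reproduction above, as an added example that is not part of the original issue or of the product's code: it lists the users in a users.properties file whose password field is not wrapped in {CRYPT}. The `user=password,role,...` line layout, the `_g_` prefix for group lines, the role names and both sample files are assumptions constructed for illustration.

```python
import sys

CRYPT = "{CRYPT}"  # marker from the issue: encrypted values start and end with it

# Constructed samples of etc/users.properties after the first login (step 7).
SAMPLE_6_2_0 = """\
# users (constructed sample, behaviour reported for A-MQ 6.2.0)
admin=admin,Administrator
"""
SAMPLE_6_1_0 = """\
# users (constructed sample, behaviour reported for A-MQ 6.1.0)
admin={CRYPT}0123abcd{CRYPT},Administrator
_g_\\:admingroup=group,Administrator
"""


def is_encrypted(password):
    """True only if the value has both markers and a non-empty body between them."""
    return (len(password) > 2 * len(CRYPT)
            and password.startswith(CRYPT)
            and password.endswith(CRYPT))


def plaintext_users(text):
    """Return the user names whose password is stored without the {CRYPT} wrapper."""
    found = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":      # blank line or properties comment
            continue
        key, sep, value = line.partition("=")
        if not sep:
            continue                         # not a key=value entry
        user = key.strip()
        if user.startswith("_g_"):           # assumed group line: roles only, no password
            continue
        password = value.split(",", 1)[0].strip()  # first field is the password
        if not is_encrypted(password):
            found.append(user)
    return found


if __name__ == "__main__":
    # Usage: python check_crypt.py etc/users.properties (script name is hypothetical)
    with open(sys.argv[1], encoding="utf-8") as fh:
        leftover = plaintext_users(fh.read())
    print("plaintext passwords:", ", ".join(leftover) or "none")
    sys.exit(1 if leftover else 0)
```
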