[jboss-jira] [JBoss JIRA] (WFLY-7584) User should be able to specify only one password type for Elytron filesystem-realm identity
Ondrej Lukas (JIRA)
issues at jboss.org
Tue Nov 15 02:24:01 EST 2016
Ondrej Lukas created WFLY-7584:
----------------------------------
Summary: User should be able to specify only one password type for Elytron filesystem-realm identity
Key: WFLY-7584
URL: https://issues.jboss.org/browse/WFLY-7584
Project: WildFly
Issue Type: Bug
Components: Security
Reporter: Ondrej Lukas
Assignee: Darran Lofthouse
It is possible to specify more types of password encryption/hash mechanism in {{set-password}} operation of filesystem-realm identity. When this happens then first password encryption/hash mechanism is correctly used, but the rest of them is discarded. However it make sense to have set only one password encryption/hash mechanism for identity. It can be confusing to allow CLI command with more types of password encryption/hash mechanism specified.
Suggestion for improvement:
Disallow to use set-password operation with more than one password encryption/hash mechanism.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list