Uploaded image for project: 'Crowd Data Center'
  1. Crowd Data Center
  2. CWD-1137

Default to sha1 hashes rather than the infrequently implemented atlassian-sha1

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Obsolete
    • Icon: Low Low
    • None
    • None
    • Backend / Domain Model
    • None

      When one creates an internal directory (including in the setup wizard), one of the options is the "password encryption" type:

      As you can see, we default to "atlassian-sha1", and the note below virtually insists on it (who would install Crowd if they didn't want "compatibility between Atlassian products"?).

      This is terrible, because we're effectively locking user passwords into a proprietary format. In particular, LDAP directories don't support 'atlassian-sha1', which means users of the internal directory cannot migrate to a proper LDAP implementation, without losing their passwords.

        1. crowd_encryption.png
          5 kB
          Jeff Turner

            [CWD-1137] Default to sha1 hashes rather than the infrequently implemented atlassian-sha1

            Monique Khairuliana (Inactive) made changes -
            Workflow Original: Simplified Crowd Development Workflow v2 - restricted [ 1511035 ] New: JAC Bug Workflow v3 [ 3365396 ]
            Status Original: Resolved [ 5 ] New: Closed [ 6 ]
            Owen made changes -
            Workflow Original: Simplified Crowd Development Workflow v2 [ 1393001 ] New: Simplified Crowd Development Workflow v2 - restricted [ 1511035 ]
            Owen made changes -
            Workflow Original: Crowd Development Workflow v2 [ 272890 ] New: Simplified Crowd Development Workflow v2 [ 1393001 ]
            joe made changes -
            Resolution New: Obsolete [ 11 ]
            Status Original: Open [ 1 ] New: Resolved [ 5 ]
            joe made changes -
            Assignee Original: David O'Flynn [Atlassian] [ doflynn ]
            jawong.adm made changes -
            Workflow Original: JIRA Bug Workflow v2 [ 173552 ] New: Crowd Development Workflow v2 [ 272890 ]
            Justin Koke made changes -
            Workflow Original: jira [ 128845 ] New: JIRA Bug Workflow v2 [ 173552 ]
            DonnaA made changes -
            Component/s New: Backend / Domain Model [ 11545 ]
            Jeff Turner made changes -
            Priority Original: Critical [ 2 ] New: Minor [ 4 ]
            Summary Original: atlassian-sha1 must die New: Default to sha1 hashes rather than the infrequently implemented atlassian-sha1
            Jeff Turner created issue -

              Unassigned Unassigned
              7ee5c68a815f Jeff Turner
              Affected customers:
              1 This affects my team
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: