Closed GoogleCodeExporter closed 9 years ago
Let's discuss this in syncope-dev: can you start a thread, please?
Original comment by chicchiricco
on 29 Dec 2011 at 9:17
Original comment by fabio.ma...@gmail.com
on 18 Jan 2012 at 10:12
Scenario: an user is subscribing to a new resource
Case 1: 2-way (a.k.a. symmetric) password cipher algorithm is configured in
Syncope
Use decrypted password from SyncopeUser to subscribe new resource.
Case 2: 1-way (a.k.a. hash or asymmetric) password cipher algorithm is
configured in Syncope and no clear-text password is available (for example,
passed via UserMod or provided by a synchronizing resource)
Provide, on a resource-basis, a mean to configure how new password should be
generated:
* constant
* random password generation (compliant with resource password policy, if present - see issue 218)
* provide custom Java class
Original comment by chicchiricco
on 28 May 2012 at 8:42
As far as I understand, case 2 is actually what happens when a user gets
subscribed to a resource based on template, coming from a source without
password.
Original comment by mrva...@gmail.com
on 15 Oct 2012 at 7:34
This issue was moved to https://issues.apache.org/jira/browse/SYNCOPE-122
Original comment by chicchiricco
on 16 Oct 2012 at 6:36
Hmm... although I see how SYNCOPY-122 could solve some of the original ideas
reported in this bug, it does not mention a 2-way encrypted pwd as a solution,
nor delayed (or random) pwd synchronization untill someone resets pwd on
Syncope. Do you want me to open a new issue in Jira for this?
Original comment by mrva...@gmail.com
on 16 Oct 2012 at 7:32
opened an issue on Jira.
https://issues.apache.org/jira/browse/SYNCOPE-223
Original comment by denis.si...@gmail.com
on 16 Oct 2012 at 9:13
Original issue reported on code.google.com by
denis.si...@gmail.com
on 28 Dec 2011 at 9:16