Uploaded image for project: 'OpenNMS'
  1. OpenNMS
  2. NMS-6470

Encrypt the password in REST API POST endpoint /opennms/rest/users

    XMLWordPrintable

Details

    • Horizon 2020 - July 8, Horizon 2020 - July 22

    Description

      The ReST interface doesn't encrypt or hash the password you supply via POST when creating a user. The WebUI obviously does this for you, and I can't imagine why you wouldn't want the REST API to do it for you as well so here's a patch. Even respects the salt attribute to preserve the ability to use the old crappy uppercase MD5 algorithm.

      To accomplish this I'm using UserManager.saveUser(String name, User details) rather than UserManager.save(OnmsUser user). I suppose the same could be accomplished by modifying UserManager.save(OnmsUser user) but I didn't want to mess with that in case something else depended on that functionality.

      Includes the appropriate change to the unit test.

      Attachments

        Activity

          People

            ranger Benjamin Reed
            schlend David Schlenk
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: