Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How JIRA 4.4 encrypt users` password

Huan Lin
Huan Lin July 17, 2012

I have update JIRA from 4.2 to 4.4 . We used CAS for login both JIRA and Confluence , I have solved the problem with login as LDAP user that will compare the username and password with the count in LDAP . But as we need to add client user who don`t have count in LDAP and need to login as internal user. We used a method to encrypt the raw password and compare the encrypted password with password in JIRA db , this worked well in JIRA 4.2 . Now after upgrade to 4.4 I found that the encrypted password is not as same as the one store in JIRA db so that the client user can`t access JIRA through CAS .

I wonder if JIRA 4.4 have changed the encrypt method ? could anyone tell me which method JIRA is using for encrypting the raw password?

Watch
Like Erik Johansson likes this
489 views

1 answer

Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

3 votes
Dennis Kromhout van der Meer
Dennis Kromhout van der Meer
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 17, 2012

The password encryption standard has indeed changed, as it now uses the same password encryption algorithm as Crowd. I would recommend to check out PasswordEncoder in crowd-password-encoders, in the JIRA source. Specifically, you should review the encodePassword method, which details our new password encryption algorithm implementation.

View More Comments
Huan Lin
Huan Lin July 18, 2012

Hi ,

I find that there are several methods to encrypt password , I have tried to use some of them , but the return value is not matched the one store in JIRA database . And I found that when I used *AtlassianSecurityPasswordEncoder* and *LdapMd5PasswordEncoder* to encode password the result will change every time , this makes me fell confused.

So could you please tell me which one is the 'real' encodePassword using in jira 4.4.5?

Like
Reply
Atlassian logo
Answers Developer Questions
TAGS
AUG Leaders

Atlassian Community Events

    See all events