Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Groups
Explore all groups
Community resources

os.encryption hash?

Mike110
Mike Feb 06, 2013

Hi,

I'm trying to pass my credential with os_username and os_password. However I did not find a way to secure my password. https://developer.atlassian.com/display/CONFDEV/Password+Hash+Algorithm does not seems to work for me.

How I can ensure security using a connection string like os_username=myuser&os_password=mypassword.

I'm getting these value from a kerberized Apache and point the login.url of seraph-config to my apache.

Thanks

Answer
Watch
Like Be the first to like this

1 answer

1 accepted

1 vote
Accepted answer
Tim Wong2
Tim Wong Feb 07, 2013

Hi Mike,
Depends on what you're trying to secure.

If you just don't want your uname password to show up in the access logs, you can do something like:

francois:curl twong$ curl --basic --user admin:admin 'http://localhost:8080/login.jsp?os_destination=%2Fsecure%2FDashboard.jspa&os_authType=basic'

That is, you can use os_authType=basic to move the os_username/password stuff to normal basic auth.

If you are trying to secure the transport, then use https for the TLS. If you're talking about plaintext passwords in the code, that's a different ballgame.

View More Comments
Mike110
Mike Feb 07, 2013

I just did something easier.. Moved my request to POST instead of GET .... Works like a charm .. And yeah, I'm using SSL encryption as well.

Now I'm having my Apache doing a kerberos authentication and FW credentials to tomcat :)

Like
Reply

Suggest an answer

Log in or Sign up to answer
Community showcase
Avinoam Zelenko
Avinoam Zelenko
Posted Feb 06, 2019 in Confluence

Try out the new editing experience

Hi team, I’m Avinoam, a product manager on Confluence Cloud, and today I’m really excited to let the Community know that all customers can now try out the new editing experience and see some of the ...

982 views 51 8
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you