[midPoint] REST - POSTing passwords in the clear

Roberto Casiano roberto.casiano at cogitogroup.com.au
Tue Feb 9 08:01:29 CET 2016


Hi,

Using REST, we're creating and modifying users, including setting passwords. However, the passwords are in cleartext. I noticed though that in the repository, the user passwords are encrypted.


1.      Is it possible to send encrypted passwords (during both user creation and modification)?

2.      Where can the REST client (which is our app) get the key that midPoint uses for the password?

Thanks,
Rob


This email, and any attachment, is confidential and also privileged. If you have received it in error, please notify me immediately and delete it from your system along with any attachments. You should not copy or use it for any purpose, nor disclose its contents to any other person.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160209/51233e4e/attachment.htm>


More information about the midPoint mailing list