ClearPass stored in clear text?
Tim McLaughlin
TL;DR: If one implements ClearPass in CAS 5.0.2 with the key exchange described in the doc, are the user's credentials stored in clear text, even just in memory?
We have an application that was "shoehorned" into using SSO via our old CAS (3.4.x) and we are moving to 5.0.2. During that move, we are throwing out all of our local customizations and taking a "supported features only" stance.
ClearPass in CAS 5 has the nice feature of being able to encrypt attributes with a keypair, but we still want to avoid it if the credentials are kept in clear text, ever. I am assuming that this is what all of the warnings are for, but I don't want to stick with an assumption.
Thank you,
Tim
Misagh Moayyed
TL;DR: If one implements ClearPass in CAS 5.0.2 with the key exchange described in the doc, are the user's credentials stored in clear text, even just in memory?
5.0.x: yes.
5.1.x: optional.
Tim McLaughlin
Perfect, thank you!
Sent: Friday, February 17, 2017 12:14:01 AM
To: cas-...@apereo.org
Subject: RE: [cas-user] ClearPass stored in clear text?
TL;DR: If one implements ClearPass in CAS 5.0.2 with the key exchange described in the doc, are the user's credentials stored in clear text, even just in memory?
5.0.x: yes.
5.1.x: optional.
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/00aa01d288f5%248834c350%24989e49f0%24%40unicon.net.