Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

os.encryption hash?

Mike
Mickael February 6, 2013

Hi,

I'm trying to pass my credential with os_username and os_password. However I did not find a way to secure my password. https://developer.atlassian.com/display/CONFDEV/Password+Hash+Algorithm does not seems to work for me.

How I can ensure security using a connection string like os_username=myuser&os_password=mypassword.

I'm getting these value from a kerberized Apache and point the login.url of seraph-config to my apache.

Thanks

Answer
Watch
Like Be the first to like this
2189 views

1 answer

1 accepted

1 vote
Answer accepted
twong_atlassian
twong_atlassian
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 7, 2013

Hi Mike,
Depends on what you're trying to secure.

If you just don't want your uname password to show up in the access logs, you can do something like:

francois:curl twong$ curl --basic --user admin:admin 'http://localhost:8080/login.jsp?os_destination=%2Fsecure%2FDashboard.jspa&os_authType=basic'

That is, you can use os_authType=basic to move the os_username/password stuff to normal basic auth.

If you are trying to secure the transport, then use https for the TLS. If you're talking about plaintext passwords in the code, that's a different ballgame.

View More Comments
Mike
Mickael February 7, 2013

I just did something easier.. Moved my request to POST instead of GET .... Works like a charm .. And yeah, I'm using SSL encryption as well.

Now I'm having my Apache doing a kerberos authentication and FW credentials to tomcat :)

Like
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

Community
Forums
FAQs Forums guidelines
Learning
About learning Resources
Events
Champions
Copyright © 2025 Atlassian
Privacy Policy Terms Security
Welcome illustration

Welcome to the new Atlassian Community

Online forums and learning are now in one easy-to-use experience.

By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.