[RTFACT-18499] Password for access-admin and admin changed by the security import api - JFrog JIRA

Details

Type: Bug
Status: Resolved
Priority: Normal
Resolution: Fixed
Affects Version/s: 6.7.3
Fix Version/s: 6.8.0, 6.7.5
Component/s: None
Labels:
None

Regression:

Yes

Description

Customer is using security.xml export/import APIs as following. And after the exported security.xml is imported into the target, it is noticed that the original passwords for admin and access-admin users become invalid.

Other observation: LDAP credentials are working fine. And the password for another local user(with admin priv) in the target did not become invalid in the same import.

https://www.jfrog.com/confluence/display/RTF/Artifactory+REST+API#ArtifactoryRESTAPI-SecurityConfiguration(Deprecated)

curl -uadmin:<password> -X GET http://localhost:8081/artifactory/api/system/security -o source_security.xml

https://www.jfrog.com/confluence/display/RTF/Artifactory+REST+API#ArtifactoryRESTAPI-SaveSecurityConfiguration(Deprecated)

curl -X POST -uadmin:<password> "http://localhost:8081/artifactory/api/system/security" -T source_security.xml

This issue exists with and without 'overwrite=true' flag in the above import api(POST)

This issue behavior did not exist in 6.5.x

Attachments

Activity

People

Assignee:

Unassigned

Reporter:

Pradnya Shinde

Votes:

2 Vote for this issue

Watchers:

2 Start watching this issue

Dates

Created:

12/Feb/19 12:53 AM

Updated:

18/Mar/19 3:50 PM

Resolved:

18/Mar/19 3:50 PM