Reading the source code I can understand that the master admin
password, is the password protecting JKS (trustore and keystore)
If the domain administrator wants to modify the master password,
glassfish needs to modify the JKS password, by invoking the class
IdentityManager and method setMasterPassword, right ?
Then I ask, if it is reliable to use the
IdentityManager.getMasterPassword() method to open the JKS database.
at v3/common/common-util/
com.sun.enterprise.security.store.IdentityManager.getMasterPassword
thanks
Claudio
On Wed, Apr 2, 2008 at 7:02 PM, Claudio Miranda <claudio_at_claudius.com.br> wrote:
> How to get the admin password, where the admin user have authenticated ?
> I see the admin users and hashed password are stored at
> domains/domain1/config/admin-keyfile and are SSHA encrypted, so this
> is not reversible.
> But what about getting the password the user had provided at the
> admin console ?
> I want to encrypt a text by using this password as the secret key