powered by Jive Software

Password in spark.properties I don't want encrypted

We have been using Spark for about 2 years and I thought all was going pretty good until I watched users just closing their Spark and not putting their password in after AD forced them to change password. I have tried to write documentation with plenty of pictures to help them understand what needs to be done and how to do it to no avail. I have now switched gears and have created a script to auto log them in based on their computer name or if IT is login Microsoft login credentials and I think I have everything good but the password line. A will attach an example of our bat file I plan to use. On the openfire server we have created a database of all our computer names and IT staff with the exact same password. I am trying to automate this so it automatically logs the PC on without any user intervention and our users jump around on different PC’s. We are a Credit Union and really only want to have this software running to send alerts to all PC’s of things like robbery’s, severe weather, etc. Is this doable? Can I turn off the encrypted password on the client side of spark.properties? How is the password created? Maybe I can generate the correct password at the time of login.
test.zip (3269 Bytes)

Have you considered using other messaging systems like Microsoft’s Messenger service? http://support.microsoft.com/kb/168893

You could also try modifying the LoginDialog.java file in the Spark source to load a plaintext password from a file of your choosing. Look around line 544 if you want to read in from a different file, or if you want to change SettingsManager to store the passwords in plaintext, you’d need to edit a few things:

Lines 123-145 of LocalPreferences.java should be changed from:

public String getPasswordForUser(String barejid)

{

try {

String pw = “password”+Encryptor.encrypt(barejid);

return Encryptor.decrypt(props.getProperty(pw));

} catch(Exception e){

return null;

}

}

/**

  • Sets the password for barejid

  • both will be encrypted

  • @param barejid

  • @param password

  • @throws Exception

*/

public void setPasswordForUser(String barejid, String password) throws Exception

{

String user = “password”+Encryptor.encrypt(barejid);

String pw = Encryptor.encrypt(password);

props.setProperty(user, pw);

}

to:

public String getPasswordForUser(String barejid)

{

try {

String pw = “password”+barejid;

returnprops.getProperty(pw);

} catch(Exception e){

return null;

}

}

/**

  • Sets the password for barejid

  • both will be encrypted

  • @param barejid

  • @param password

  • @throws Exception

*/

public void setPasswordForUser(String barejid, String password) throws Exception

{

String user = “password”+barejid;

String pw = password;

props.setProperty(user, pw);

}

Keep in mind this is very insecure, and you shouldn’t store actual password this way!

why not just set up SSO?

We have never tried that here. We have a Windows 2008 DC, Windows 7 PC’s, and openfire running on ubuntu. Do you know where I can get some documentation on how to get this setup?

Maybe it’s an option for you to specify the username, password and server on the command line:

\path-to\Spark.exe username=john&password=john&server=example.com