How are users and passwords stored in the Jira Internal Directory

お困りですか?

アトラシアン コミュニティをご利用ください。

コミュニティに質問

プラットフォームについて: Server と Data Center のみ - この記事は、サーバーおよびデータセンター プラットフォームのアトラシアン製品にのみ適用されます。

目的

It may be a requirement for auditors or administrators to understand how usernames and passwords are stored within Jira's database. This article discusses the method used when users are stored in Jira's Internal Directory. 

説明

  • Users are stored in the cwd_user table of Jira's database. 
  • Passwords are stored in the Credential column of the table and are hashed. 
  • Jira uses a password encoder called atlassian-security which is a wrapper around Bouncy Castle's implementation of PKCS #5 v2.0 (aka PBKDF2) utilizing a random 16-byte salt and 10,000 iterations, which results in a 256-bit hash.
  • This salted PKCS5S2 implementation is provided by Embedded Crowd. You may read this community post on password security from one of our Crowd developers for more details.

詳細情報

Retrieving the Jira administrator password

Jira Database Schema


説明

It may be a requirement for auditors or administrators to understand how usernames and passwords are stored within Jira's database. This article discusses the method used when users are stored in Jira's Internal Directory. 

製品Jira

最終更新日 2021 年 7 月 19 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.