On Mon, Nov 28, 2011 at 5:34 PM, metin d <[email protected]> wrote: > Yes, I changed it to JDBC based user store and database is correct, > > it produced this string for "test1234": > 3ImBoCnrc8xybmA857r6y9fd0XO/2PRI+k4Z6f0XQ3A= > > while its SHA-256 encoding is > 937e8d5fbb48bd4949536cd65b8d35c426b80d2f830c5c308e2cdec422ae2244 > > Is there any extra processing in wso2, >
Yes, there is extra processing, if 'StoreSaltedPassword' value is enabled (which is the default case) in user-mgt.xml, a salt value is generated and both the password and the salt value become the input for the digest function. Encoded salt value is also stored in the UM_USER table in UM_SALT_VALUE field. You can find the related code at [1]. this mail is talking about some extra processes. > http://old.nabble.com/How-hashed-passwords-are-generated-td31740602.html > Above mail thread describes the password storing mechanism used, when the underlying user store is LDAP. [1] https://svn.wso2.org/repos/wso2/branches/carbon/3.2.0/core/org.wso2.carbon.user.core/3.2.2/src/main/java/org/wso2/carbon/user/core/jdbc/JDBCUserStoreManager.java Thanks, Hasini. > > ------------------------------ > *From:* Hasini Gunasinghe <[email protected]> > > *To:* metin d <[email protected]>; [email protected] > *Cc:* Prabath Siriwardena <[email protected]> > *Sent:* Monday, November 28, 2011 1:51 PM > > *Subject:* Re: [Carbon-dev] What is the type of the password used in > carbon products? md5, sha1 etc ? > > Hi, > > On Fri, Nov 25, 2011 at 4:26 PM, metin d <[email protected]> wrote: > > Carbon version is 3.2.2 and > > database is user database which is configured in user-mgt.xml and table > is UM_USER and filed is UM_USER_PASSWORD > > > In carbon 3.2.2, default user store is embedded-ldap and the users are > created there by default. > > According to your description, I assume that you changed the configuration > in user-mgt.xml to point to JDBC based user sore. > > In that case, digested password, according to the password digest function > provided in user-mgt.xml (SHA-256 by default) is stored in > UM_USER_PASSWORD field of UM_USER table. > > Can you please make sure that you checked in the same database that you > have pointed from the user-mgt.xml as well? > > Thanks, > Hasini. > > > What I am trying to do is to use users in wso2 table so I should able to > create hashed password from plain password. > > ------------------------------ > *From:* Prabath Siriwardena <[email protected]> > *To:* metin d <[email protected]>; [email protected] > *Sent:* Friday, November 25, 2011 11:25 AM > > *Subject:* Re: [Carbon-dev] What is the type of the password used in > carbon products? md5, sha1 etc ? > > > > On Fri, Nov 25, 2011 at 2:38 PM, Prabath Siriwardena <[email protected]>wrote: > > What is the carbon version you are using..? > > > Also which database you checked it..? > > Thanks & regards, > -Prabath > > > > Thanks & regards, > -Prabath > > On Fri, Nov 25, 2011 at 2:27 PM, metin d <[email protected]> wrote: > > It says SHA-256, but is doesn't create SHA-256 encoded passwords in > database, I checked it from here and in other places. > > http://www.technipixel.com/webapps/hashencoder.htm > > ------------------------------ > *From:* metin d <[email protected]> > *To:* "[email protected]" <[email protected]> > *Sent:* Friday, November 25, 2011 9:53 AM > *Subject:* Re: [Carbon-dev] What is the type of the password used in > carbon products? md5, sha1 etc ? > > Found it under user-mgt.sml > > <Property name="PasswordDigest">SHA-256</Property> > > ------------------------------ > *From:* metin d <[email protected]> > *To:* "[email protected]" <[email protected]> > *Sent:* Friday, November 25, 2011 9:17 AM > *Subject:* [Carbon-dev] What is the type of the password used in carbon > products? md5, sha1 etc ? > > What is the type of the password used in carbon products? md5,sha1 etc ? > > _______________________________________________ > Carbon-dev mailing list > [email protected] > http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev > > > > _______________________________________________ > Carbon-dev mailing list > [email protected] > http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev > > > > _______________________________________________ > Carbon-dev mailing list > [email protected] > http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev > > > > > -- > Thanks & Regards, > Prabath > > http://blog.facilelogin.com > http://RampartFAQ.com > > > > > -- > Thanks & Regards, > Prabath > > http://blog.facilelogin.com > http://RampartFAQ.com > > > > _______________________________________________ > Carbon-dev mailing list > [email protected] > http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev > > > > >
_______________________________________________ Carbon-dev mailing list [email protected] http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
