Please I need help or hints about this issue? Is it a bug?
---------- Forwarded message ---------- From: Nebil Mabrouk <[email protected]> Date: Wed, Sep 12, 2018 at 10:12 PM Subject: [cas-user] Issue when using JSON (Whitelist) Authentication with Password Encoding To: CAS Community <[email protected]> Hi all, I have a problem when using JSON Authentication with Password Encoding. I used both CAS versions 5.3.2 and 5.3.3, and below is the used config: *Properties:* cas.authn.json.location=file:/path_xx/users-SHA-256.json #cas.authn.json.name= cas.authn.json.passwordEncoder.type=DEFAULT cas.authn.json.passwordEncoder.encodingAlgorithm=SHA-256 cas.authn.json.passwordEncoder.characterEncoding=UTF-8 JSON file: { "@class" : "java.util.LinkedHashMap", "admin" : { "@class" : "org.apereo.cas.adaptors.generic.CasUserAccount", "password" : "*8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918*", "attributes" : { "@class" : "java.util.LinkedHashMap", "kkkkkk" : "vvvvvvv" }, "status" : "OK", "expirationDate" : "2019-12-31" } } *Log:* 2018-09-12 21:29:49,399 DEBUG [org.apereo.cas.util.crypto.DefaultPasswordEncoder] - <Using [UTF-8] as the character encoding algorithm to update the digest> 2018-09-12 21:29:49,402 DEBUG [org.apereo.cas.util.crypto.DefaultPasswordEncoder] - <Encoded password via algorithm [SHA-256] and character-encoding [UTF-8] is [8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918]> 2018-09-12 21:29:49,430 DEBUG [org.apereo.cas.util.crypto.DefaultPasswordEncoder] - <Using [UTF-8] as the character encoding algorithm to update the digest> 2018-09-12 21:29:49,431 DEBUG [org.apereo.cas.util.crypto.DefaultPasswordEncoder] - <Encoded password via algorithm [SHA-256] and character-encoding [UTF-8] is [998ed4d621742d0c2d85ed84173db569afa194d4597686cae947324aa58ab4bb]> 2018-09-12 21:29:49,431 DEBUG [org.apereo.cas.util.crypto.DefaultPasswordEncoder] - <Provided password does not match the encoded password> *Problem:* According to the debug info, CAS encodes the password *twice*, and the second encoding is wrong. I don't understand how it is produced. I used as password '*admin*', which SHA-256 encoding is *8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918*. But CAS considers the second encoding, i.e., *998ed4d621742d0c2d85ed84173db569afa194d4597686cae947324aa58ab4bb* (when I use this encoding it works). *Thank you in advance for your help :)* -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/ apereo.org/d/msgid/cas-user/4fb02cde-2a9a-43ee-a127- e01accfcc494%40apereo.org <https://groups.google.com/a/apereo.org/d/msgid/cas-user/4fb02cde-2a9a-43ee-a127-e01accfcc494%40apereo.org?utm_medium=email&utm_source=footer> . -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAKnBmdzASUc%2BEejv9-POmk7_LzYW8Phq_eLssDxrVjTyk7%2BHXA%40mail.gmail.com.
