Hi Marvin, Thanks for getting back to me. I wasn't salting my passwords, and I've now managed to fix it. The problem I had was that I was testing MD5 and SHA1 passwords and hadn't converted them when testing.
Cheers, On 16 Apr 2012, at 14:09, Marvin S. Addison wrote: >> I'm using the DefaultPasswordEncoder with the SHA1 constructor >> argument, but users aren't being authenticated in my MySQL database. >> Users are being checked correctly, and they authenticate if I remove >> the passwordEncoder reference and set the password value to plain >> text (such as 'password'). > > What facility are you using to generate password hashes in MySQL? Are > the hashes salted? Note we do not support salted password hashes at > present. > > M > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
