How would an API client know to use cleartext or MD5 hash?
> -----Original Message----- > From: Abhinandan Prateek > Sent: Saturday, April 28, 2012 7:56 AM > To: Kevin Kluge; cloudstack-dev@incubator.apache.org > Subject: RE: user credntials > > In 2.2.* we were passing MD5 encoded password via UI. For Acton it changed > to unencrypted password as that was the only way to have external systems > to authenticate cloudstack users for example external LDAP. > This is being reverted back to MD5 encoded password in 3.0.2 as it was. It > will > be left to the admin to configure this encryption mechanism in case LDAP is in > use. > > -Abhi > > -----Original Message----- > From: Kevin Kluge > Sent: Saturday, April 28, 2012 8:16 PM > To: Abhinandan Prateek; cloudstack-dev@incubator.apache.org > Subject: RE: user credntials > > Abhi, is this a backwards incompatible API change? Also, what does it mean > for upgrade? > > I thought we always sent MD5 hashed passwords from UI to MS. Can you > explain the change a bit more? > > -kevin > > > -----Original Message----- > > From: Abhinandan Prateek > > Sent: Saturday, April 28, 2012 12:14 AM > > Subject: user credntials > > > > Team, > > There has been a change in the way passwords are being passed from > > the cloudstack UI. In case you have difficulty login with the new 3.* > > build, clear your browser cache. If you are using API to login then > > you need to provide > > MD5 encrypted passwords to login instead of plaintext. In case you > > still have issues drop me an email. > > -Abhi
