On Apr 16, 2014, at 12:56 PM, Demetrius Tsitrelis <demetrius.tsitre...@citrix.com> wrote:
> One problem is that the API documentation > (https://cloudstack.apache.org/docs/api/apidocs-4.3/root_admin/login.html) > still says that the password should be hashed. The docs are out of date; > send > the password in plain text. Demetrius, can you give me the correct description for the apidoc ? I can make that change. > > And - think about security. DON'T use HTTP GET or the query parameters you > send will be saved in the caches of all intermediate servers. Also DO use > HTTPS. > > -----Original Message----- > From: Tejas Gadaria [mailto:refond.g...@gmail.com] > Sent: Tuesday, April 15, 2014 2:02 AM > To: dev@cloudstack.apache.org > Subject: login API with MD5 is not working > > Hi, > > I am trying to login in to CS 4.3 though login API. > > I am passing MD5 hash (1st) in password that works fine with CS 4.0.2 but > same > doesn't works well with CS 4.3. Then I try to pass password in plain text ( > 2nd) & it worked, Is this a bug? > > Both APIs are given below, > > > 1) > http://10.129.151.55:8080/client/api?&command=login&username=admin&password=5f4dcc3b5aa765d61d8327deb882cf99 > > > 2) > http://10.129.151.55:8080/client/api?&command=login&username=admin&password=password > > Regards, > Tejas
