Hi Demetrius, Thanks for explanation, I will try with https now. Just for information, why did they change this from MD5 to plain text?
Regards, Tejas On Thu, Apr 17, 2014 at 1:03 AM, Demetrius Tsitrelis < demetrius.tsitre...@citrix.com> wrote: > There is already an open bug > (https://issues.apache.org/jira/browse/CLOUDSTACK-6311). Essentially the > same wording for the password parameter should be used in login, > CreateUser, > and UpdateUser: the password should be sent as clear text. > > -----Original Message----- > From: Sebastien Goasguen [mailto:run...@gmail.com] > Sent: Wednesday, April 16, 2014 12:16 PM > To: dev@cloudstack.apache.org > Subject: Re: login API with MD5 is not working > > > On Apr 16, 2014, at 12:56 PM, Demetrius Tsitrelis > <demetrius.tsitre...@citrix.com> wrote: > > > One problem is that the API documentation > > (https://cloudstack.apache.org/docs/api/apidocs-4.3/root_admin/login.h > > tml) still says that the password should be hashed. The docs are out > > of date; send the password in plain text. > > Demetrius, can you give me the correct description for the apidoc ? > I can make that change. > > > > > And - think about security. DON'T use HTTP GET or the query > > parameters you send will be saved in the caches of all intermediate > > servers. Also DO use HTTPS. > > > > -----Original Message----- > > From: Tejas Gadaria [mailto:refond.g...@gmail.com] > > Sent: Tuesday, April 15, 2014 2:02 AM > > To: dev@cloudstack.apache.org > > Subject: login API with MD5 is not working > > > > Hi, > > > > I am trying to login in to CS 4.3 though login API. > > > > I am passing MD5 hash (1st) in password that works fine with CS 4.0.2 > > but same doesn't works well with CS 4.3. Then I try to pass password > > in plain text ( > > 2nd) & it worked, Is this a bug? > > > > Both APIs are given below, > > > > > > 1) > > http://10.129.151.55:8080/client/api?&command=login&username=admin&pas > > sword=5f4dcc3b5aa765d61d8327deb882cf99 > > > > > > 2) > > http://10.129.151.55:8080/client/api?&command=login&username=admin&pas > > sword=password > > > > Regards, > > Tejas > >
