[
https://issues.apache.org/jira/browse/CLOUDSTACK-1734?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13620822#comment-13620822
]
ASF subversion and git services commented on CLOUDSTACK-1734:
-------------------------------------------------------------
Commit 2dbdc46337be375940441ac4b41f95f25bbbf21d in branch
refs/heads/kvm-vnc-listen from [~vijayendrabvs]
[ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=2dbdc46 ]
CLOUDSTACK-1734: Make SHA1 default password encoding mechanism
Description:
Making SHA256SALT the default encoding algorithm to encode
passwords when creating/updating users.
Introducing a new configurable list to allow admins to
separately configure the order of preference for encoding
and authentication schemes.
Since passwords are now sent by clients as clear text,
fixing the Plain text authenticator to check against the
password passed in rather than its md5 digest.
> Make SHA256Salt default password encoding mechanism
> ---------------------------------------------------
>
> Key: CLOUDSTACK-1734
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-1734
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the
> default.)
> Components: Management Server
> Affects Versions: 4.1.0
> Environment: Cloudstack generic
> Reporter: Venkata Siva Vijayendra Bhamidipati
> Assignee: Venkata Siva Vijayendra Bhamidipati
> Fix For: 4.2.0
>
>
> Currently MD5 is the default password encoding mechanism during user creation
> and updation. Make SHA1 the default, using the recently added
> SHA256SALTUserAuthenticator.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
