DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=24752>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=24752 TurbineUserManagement - encryptPassword() - Stream not flushed Summary: TurbineUserManagement - encryptPassword() - Stream not flushed Product: Jetspeed Version: 1.4b4 Platform: All OS/Version: All Status: NEW Severity: Major Priority: Other Component: Security AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] In org.apache.jetspeed.services.security.turbine.TurbineUserManagement in Method encryptPassword() the OutputStream is not flushed. The result is that the returned encrypted passwordstring is not complete and i think it may vary on different systems. /* CODE from current CVS: */ MessageDigest md = MessageDigest.getInstance(passwordsAlgorithm); byte[] digest = md.digest(password.getBytes("UTF-8")); ByteArrayOutputStream bas = new ByteArrayOutputStream(digest.length + digest.length / 3 + 1); OutputStream encodedStream = MimeUtility.encode(bas, "base64"); encodedStream.write(digest); return bas.toString(); /* FIX: */ encodedStream.flush(); --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
