I am playing with the JdbcAuthenticator on Resin 4.0 and for some reason 
I can not get it to authenticate properly.  With the detail level set to 
finest, I am always getting:

mismatched password:aaron

where "aaron" is the username I am trying to authenticate.

I have tried trimming the password and even forcing it like:

<password-query> select 'abcd' password from login where username = 

and cannot get it to authenticate.

So the next question is, are the passwords stored in the database 
plaintext or do they need to be encrypted?  If they need to be 
encrypted, what is the default digest for doing that?



resin-interest mailing list

Reply via email to