Taras,
From what I see this license complies with Apache 2.0 and allows to do
everything we want with the code. Just the license notice has to be preserved.
So, I would add the source file to Ignite.
—
Denis
> On Feb 12, 2018, at 7:57 AM, Taras Ledkov wrote:
>
> Colleagues, Denis,
>
> It w
Taras,
How about to take a look at https://shiro.apache.org/ ?
Apache Shiro™ is a powerful and easy-to-use Java security framework.
It also supports Blowfish.
https://shiro.apache.org/static/1.3.1/apidocs/org/apache/shiro/crypto/BlowfishCipherService.html
And has Apache license.
--
Alexey Kuzne
Colleagues, Denis,
It will be great to use bcrypt for password hashing in Ignite.
Could you suggest the right way to use bcrypt:
1. add 'jbcrypt' maven dependency;
2. include the single 'BCrypt.java' file to our project [1].
Does the license allow to include 'BCrypt.java' ?
[1].
https://github
Password hashing algorithms of the popular vendors:
mysql: SHA-265, old-native-hash
postgres: MD5, DES, Extended DES, Blowfish-based
oracle: SHA-1
Some about "comparison" SHA-2 vs bcrypt [1]:
> SHA-512 is a cryptographic hash while bcrypt is a password hash or
PBKDF (password based key derivat
Taras,
I think we need a comparison of available options and (possibly) analysis
what other vendors use.
On Tue, Jan 16, 2018 at 3:56 PM, Taras Ledkov wrote:
> What do you think about usage bcrypt [1], [2] to store encrypted password?
>
> [1] https://stackoverflow.com/questions/1561174/sha512-v
What do you think about usage bcrypt [1], [2] to store encrypted password?
[1]
https://stackoverflow.com/questions/1561174/sha512-vs-blowfish-and-bcrypt
[2] https://en.wikipedia.org/wiki/Bcrypt
On 15.01.2018 11:19, Vladimir Ozerov wrote:
2) Credentials will be stored in a form of [username +
The overall proposal sounds simple and reasonable to me. However, I would
suggest us to consider requirements of REST, Web Console and scripts that needs
to be adopted too.
Alexey K., Andrey N., as Web Console maintainers please chime in.
Vladimir, do you think simple password based authenticat
