Re: Help!

2015-09-18 Thread Brian Demers
What does "mvn --version" show ? On Fri, Sep 18, 2015 at 12:33 PM, Abhishek Taula wrote: > Hey Guys, when i try to run the command as given in the 10 minutes > tutorial,This is how it goes: > > [INFO] Scanning for projects... > [INFO] Inspecting build with total of 1 modules... > [INFO] Installi

Help!

2015-09-18 Thread Abhishek Taula
Hey Guys, when i try to run the command as given in the 10 minutes tutorial,This is how it goes: [INFO] Scanning for projects... [INFO] Inspecting build with total of 1 modules... [INFO] Installing Nexus Staging features: [INFO] ... total of 1 executions of maven-deploy-plugin replaced with nexu

Re: Store hash and salt in a database

2015-09-18 Thread Stuart Broad
Hi Oncle, I don't think it is dangerous to store the algorithm/iterations as storing this does not enable an easy brute force dictionary attack. Sorry I don't really understand the second part of your question. I set up a password service as follows: ByteSource pepper = ByteSource.Util.

Re: Store hash and salt in a database

2015-09-18 Thread Oncle Zebulon
Hi Stuart, Thx for reply ! Isn't it dangerous to store the algo and the iteration ? An attacker should be glad to have those informations ! No? What do you think about the second part of my mail ? It seams in the JdbcReam.doGetAuthenticationInfo() if (salt != null) { info.setCredentialsSal

Re: Store hash and salt in a database

2015-09-18 Thread Stuart Broad
Hi Oncle, Sorry I meant to paste this link: https://shiro.apache.org/static/1.2.1/apidocs/org/apache/shiro/crypto/hash/format/Shiro1CryptFormat.html Cheers, Stuart On Fri, Sep 18, 2015 at 10:49 AM, Stuart Broad wrote: > Hi, > > These links might be useful: > > > https://shiro.apache.org/stat

Re: Store hash and salt in a database

2015-09-18 Thread Stuart Broad
Hi, These links might be useful: https://shiro.apache.org/static/1.2.3/apidocs/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html https://shiro.apache.org/static/1.2.3/apidocs/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html https://pythonhosted.org/passlib/modular_c

Store hash and salt in a database

2015-09-18 Thread Oncle Zebulon
Hi everybody, Just a little question : what is the best way to store hash/salt in a database ? A user table with - hash and salt columns and then use HashedCredentialsMatcher (for example) OR - password column and then use PasswordMatcher (pass generated by the hasher tool) - something else... s