I'm using the StatusNet 0.9.6. The plugin CasAuthentication was installed for user authentication. I wan to use the QueryDatabaseAuthenticationHandler. The configuration in deployerConfigContext.xml is as following:
1. <bean class="org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler"> <property name="dataSource" ref="dataSource" /> <property name="sql" value="select password from app_user where username=?" /> <property name="passwordEncoder" ref="MD5PasswordEncoder" /> </bean> 2. <bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource"> <property name="driverClassName" value="com.mysql.jdbc.Driver"></property> <property name="url" value="jdbc:mysql://localhost/casusers"></property> <property name="username" value="casusers"></property> <property name="password" value="casusers"></property> </bean> 3. <bean id="MD5PasswordEncoder" class="org.jasig.cas.authentication.handler.DefaultPasswordEncoder" > <constructor-arg index="0"> <value>MD5</value> </constructor-arg> </bean> The database for my StatusNet is statusnet. In the table user, there is a user who's nickname field is "paijiji" and the password field is "19064d6a02a01198228d2f88ab64a550". The original password for the user paijiji is "paijiji" The database for the CAS server is casusers. There is only one table named app_user in this database. I insert a record that it's username field is "paijiji" and it's password field is "19064d6a02a01198228d2f88ab64a550". When I try to login my StatusNet site with the username "paijiji" and the password "paijiji", the CAS display something like "You supplied the wrong credentials". I have test the login function without passwordEncoder, and it works. What's the possible problem? Does the StatusNet don't use MD5 encryption? Where is the code for password encryption? Regards, Blue
_______________________________________________ StatusNet-dev mailing list StatusNet-dev@lists.status.net http://lists.status.net/mailman/listinfo/statusnet-dev