What about use Spring Security naming? http://static.springsource.org/spring-security/site/docs/3.1.x/apidocs/org/springframework/security/core/userdetails/UserDetails.html
On 21 oct, 16:55, Jordi Boggiano <[email protected]> wrote: > On 21.10.2010 16:12, Miha Vrhovnik wrote: > > > I would also 2nd the usage of hash function and stronger algorithm > > like whirlpool. Also as the hash algorithms are becoming longer.. They > > should be base64 encoded, so I propose to also have a password_ecoding > > parameter with 2 values (hex, base64) > > hash() should definitely be used, and I'd recommend sha256 rather than > whirlpool for obscure reasons but I'd be happy with any of them > honestly, sha1 and especially md5 shouldn't be used anymore. > > Cheers > > -- > Jordi Boggiano > @seldaek ::http://seld.be/ -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en
