"Lang, Cliff" <[EMAIL PROTECTED]> writes: > Does TurbineSecurity.setAuthenticatedUser() try an encrypted form of the > password on it own? How do you get the salt that was used to encrypt > the original? > > I have searched for examples but haven't found any. Can someone point > me in the right direction?
We use a SHA1 hash by default (configurable via TR.props). This is not compatible with UNIX crypt(). You could port a crypt() to a MessageDigest implementation and use that instead of SHA1. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
