Well I figured that adding this line to my ctor
setCredentialsMatcher(new
HashedCredentialsMatcher(Sha1Hash.ALGORITHM_NAME));
wipes out all of my logins...
I am not sure if salted encrypted passwords can subsequently be subjected to a
hashing matcher.
No logins were possible thereafter... the question being... how does shiro know
how to decrypt the password that was stored away off a hash that was generated
off of the random number generator.
Can someone comment on this?
Thanks
