I was curious if we will be getting better hashing algorithms? I'm new to Cryptography and such, but I was reading somethng last nigth saying that SHA isn't really secure for passing and we should be using either bcrypt, scrypt, or PK2BK?
Someone made a post about spring security and bcrpyt, but I rather not mix it with Shiro if possible... Would be nice to have these features. From the documentation it's shown to use SHA-256 for passwords and a password matcher, but how secure is it? I would love to help out with improving the library, but I don't know if I will be of any help as a semi-noobie :(. Thanks for everything Lez! > Date: Wed, 17 Sep 2014 13:14:11 -0700 > Subject: Re: Has anyone tried the Shiro 2.0 branch? > From: [email protected] > To: [email protected] > > Hi Paul, > > I'm not sure if they'll still work or not, as I haven't tested. I'd > *like* to ensure that they still work, or better yet, include the JEE > interceptor support directly in Shiro. If anyone would like to help > with this effort, I'm sure the dev team would appreciate it! > > Les > > > On Sun, Sep 14, 2014 at 2:42 AM, Paul Holding <[email protected]> wrote: > > Hi Les > > > > Looking through the release notes I didn't see any mention of CDI, JSF, or > > Jave EE Interceptors so I was wondering whether some of the existing > > enhancements that have been created by the community are likely to still > > work with Shiro 2.0. > > > > For CDI and JSF I'm using Pax Shiro ( > > https://github.com/ops4j/org.ops4j.pax.shiro > > <https://github.com/ops4j/org.ops4j.pax.shiro> ). > > > > For Java EE Interceptors I'm using some code from BalusC's blog ( > > http://balusc.blogspot.co.uk/2013/01/apache-shiro-is-it-ready-for-java-ee-6.html#DeclarativeRestrictionInBeanMethods > > <http://balusc.blogspot.co.uk/2013/01/apache-shiro-is-it-ready-for-java-ee-6.html#DeclarativeRestrictionInBeanMethods> > > ) > > > > Do you think these are likely to still work in Shiro 2.0? > > > > Kind Regards > > > > Paul > > > > > > > > -- > > View this message in context: > > http://shiro-user.582556.n2.nabble.com/Has-anyone-tried-the-Shiro-2-0-branch-tp7580195p7580212.html > > Sent from the Shiro User mailing list archive at Nabble.com.
