Hi, I tried an upcoming version of apache shiro (alpha 2) under Karaf and I have some questions: 1) We configure our application security with one config file (Shiro, internal configuration) where we also want to setup a hash provider and its configuration. But I don't see any way how I can setup cost for bcrypt or parameter for argon2id if I want to use DefaultPasswordService and DefaultHashService. Is there any way how to do it? 2) We would like to "upgrade" the hash if the hash provider was changed (for example change bcrypt cost from 12 to 13). So when a user is authorized we can also check if a new algorithm and an old algorithm are the same. If they are, we will save a new computed hash. But I don't know how to get an algorithm setup from the hash because BCryptHash class isn't public.
I appreciate for every advice you can give.
