The encryption method is set in security.xml - look for the bean called
passwordEncoder. The default setting is ShaPasswordEncoder which is a
one-way hash, so the password cannot be decoded.
Mike
On 10/2/07, John Kwon <[EMAIL PROTECTED]> wrote:
>
> Ok, I have:
>
>
> Authentication authen =
> context.getAuthentication();
>
> Object principal =
> *null*;
>
> *if* (authen != *null*)
>
> {
>
> principal = authen.getPrincipal();
>
> log.debug("Principal is: " + principal.getClass().getName());
>
> }
>
> *if* (principal != *null*)
>
> {
>
> loggedInUser = (User) principal;
>
> userid = loggedInUser.getUsername();
>
>
>
> and it's definitely the org.appfuse.model.User
>
> getUsername gets me the username, and getPassword gets me the encrypted
> password.
>
> It's obviously not the Base64 encryption - how do I decrypt the password?
>
> I need it for further transactions...
>
