Please see the recommendations in Prasanna's email in the thread I linked to earlier.
On 6/10/13 12:26 PM, "Anoop Rajendra" <anoop.rajen...@gmail.com> wrote: >Hi Chiradeep, > >My componentContext.xml has the following entries for the security >adapter section > ><bean id="userAuthenticators" >class="com.cloud.utils.component.AdapterList"> > <property name="Adapters"> > <list> > <ref bean="MD5UserAuthenticator"/> > <ref bean="LDAPUserAuthenticator"/> > <ref bean="PlainTextUserAuthenticator"/> > </list> > </property> > </bean> > > >So clearly MD5UserAuthenticator is present, and being used. > >However the updateUser api isn't working as documentation states. > >Here's proof of this. > >1. password is "password". md5sum hash of the password is >""5f4dcc3b5aa765d61d8327deb882cf99" > >If I craft the updateUser api call as the following url, > >http://localhost:8080/client/api?apiKey=68jXaZIv0O42n1h2C_KmGtHpD7YRvrYGJs >zs-d0T1pPxxxP91EYuY-gjz7pCD3pEl8x2lyLzF-WeEdupxAIUkQ&id=1723cb29-8dfd-4211 >-8ca1-212e1f192455&command=updateUser&signature=AM8rwempktibzYro%2B%2FmHEH >bnKng%3D&password=5f4dcc3b5aa765d61d8327deb882cf99&response=json > >the MD5 password stored in the database is >"696d29e0940a4957748fe3fc9efd22a3" which is actually the md5 hash of >the hashed password. > >However if I craft the URL to read, > >http://localhost:8080/client/api?apiKey=68jXaZIv0O42n1h2C_KmGtHpD7YRvrYGJs >zs-d0T1pPxxxP91EYuY-gjz7pCD3pEl8x2lyLzF-WeEdupxAIUkQ&id=1723cb29-8dfd-4211 >-8ca1-212e1f192455&command=updateUser&signature=sms6kd0LlAsZyqOFlFE%2FROsB >lyw%3D&password=password&response=json > >then the md5 password stored in the database is >"5f4dcc3b5aa765d61d8327deb882cf99", which is what I want. > >As you can see, the updateUser api requires the password to be >cleartext, and not an MD5 hash (as stated in the documentation, and as >used to work previously). > >By the way, the login API correctly requires the MD5 hashed password, >and will not work with a clear text password. > >-a > >On Mon, Jun 10, 2013 at 10:03 AM, Chiradeep Vittal ><chiradeep.vit...@citrix.com> wrote: >> There should be a configuration file called componentContext.xml in your >> install path. Search for Authenticator in the file. The order of the >> Authenticators matter. >> >> On 6/9/13 10:59 PM, "Anoop Rajendra" <anoop.rajen...@gmail.com> wrote: >> >>>How would I install the MD5Authenticator as the default >>>authenticator? >>> >>>Thanks, >>>-a >>>On Jun 7, 2013 5:56 PM, "Chiradeep Vittal" <chiradeep.vit...@citrix.com> >>>wrote: >>> >>>> See this discussion >>>> http://markmail.org/thread/7r6ia3ckkt6fzlic >>>> >>>> You might have to install the MD5Authenticator as the default >>>> authenticator. >>>> >>>> On 6/7/13 3:44 PM, "Anoop Rajendra" <anoop.rajen...@gmail.com> wrote: >>>> >>>> >Hi, When I try to run the updateUser API for the admin user, the >>>> >password field requires a cleartext unhashed password. >>>> > >>>> >With previous versions I could provide the hashed MD5 password, and >>>> >the admin password would get updated. >>>> > >>>> >-a >>>> >>>> >>
