Hi,
With Cloudstack 4.2 the encryption method has been changed.
Check at first what security apdater you are using under
/etc/cloudstack/management/components.xml
You'll get a result like this:
<!-- Security adapters -->
<bean id="userAuthenticators" class="com.cloud.utils.component.AdapterList">
<property name="Adapters">
<list>
<ref bean="PlainTextUserAuthenticator"/>
<ref bean="MD5UserAuthenticator"/>
<ref bean="LDAPUserAuthenticator"/>
</list>
</property>
</bean>
if So, try to not hash the password , because with this policies you no
longer need to hash the password.
On Wed, Dec 25, 2013 at 11:58 AM, Salar Darwish <[email protected]>wrote:
> Yes ik use port8096 and that was indeed the resason i get the error. I
> changed that to port 8080 and now i get a session key as you mentioned. How
> can i use this sessionkey?
>
>
> 2013/12/25 Santhosh Edukulla <[email protected]>
>
> > 1. How you are retrieving the sessionkey with your mysqlquery?
> >
> > 2. I believe you are using Authentication Port 8080. If yes, below is the
> > POST url along with params for login cmd. This should give the sessionkey
> > for your further communication with CS.
> >
> > Request:
> > http://localhost:8080/client/api
> >
> > command login
> > domain /
> > password password
> > response json
> > username abc
> >
> > Response:
> >
> > { "loginresponse" : { "timeout" : "1800", "sessionkey" :
> > "tBr9fYLiIzoKVPQK0TBJb1BCeoQ=", "username" : "admin", "registered" :
> > "false", "userid" : "ce801a0a-6d58-11e3-924d-7ac46bc9b016", "lastname" :
> > "User", "account" : "admin", "domainid" :
> > "ce7c8c82-6d58-11e3-924d-7ac46bc9b016", "firstname" : "Admin", "type" :
> "1"
> > } }
> >
> > 3. If you are using UnAuthenticated Port 8096 to communicate, you need to
> > use apiKey,signature and command parameters with your POST request to CS.
> >
> > Santhosh
> > ________________________________________
> > From: Salar Darwish [[email protected]]
> > Sent: Wednesday, December 25, 2013 4:22 AM
> > To: [email protected]; Santhosh Edukulla
> > Subject: Re: password hash
> >
> > Dear Santhosh,
> >
> > I do not use the login api . I use a mysql query to login into the web
> > interface. when i use the password from the database(hashed) i can login
> > with no problems. i tried to encrypt the password query i am sending to
> the
> > database to MD5 but still can not login.
> >
> > after your mail i tried to use the login api but i get the folowing
> error:
> > "{ \"error\" : { \"description\" : \"Internal Server Error\" } }"
> >
> >
> >
> > 2013/12/25 Santhosh Edukulla <[email protected]<mailto:
> > [email protected]>>
> > 1. you are using "login" command to verify your account created through
> > "createAccount"?
> >
> >
> > 2. The API description for "login" mentions below. See the description
> for
> > argument password.
> >
> > <command>
> > <name>login</name>
> > <description>Logs a user into the CloudStack. A successful login
> > attempt will generate a JSESSIONID cookie value that can be passed in
> > subsequent Query command calls until the "logout" command has
> > been issued or the session has expired.</description>
> > <isAsync>false</isAsync>
> > <request>
> > <arg>
> > <name>username</name>
> > <description>Username</description>
> > <required>true</required>
> > </arg>
> > <arg>
> > <name>password</name>
> > <description>Hashed password (Default is MD5). If you wish to use
> > any other hashing algorithm, you would need to write a custom
> > authentication adapter See Docs section.</description>
> > <required>true</required>
> > </arg>
> > <arg>
> > <name>domain</name>
> > <description>path of the domain that the user belongs to.
> Example:
> > domain=/com/cloud/internal. If no domain is passed in, the ROOT domain
> is
> > assumed.</description>
> > <required>false</required>
> > </arg>
> > <arg>
> > <name>domainId</name>
> > <description>id of the domain that the user belongs to. If both
> > domain and domainId are passed in, "domainId" parameter takes
> > precendence</description>
> > <required>false</required>
> > </arg>
> > </request>
> >
> > 3. What happens if you just pass the password as it is to "login" cmd?
> > This is what got captured in firebug, when i logged in to CS. Here,
> > password is "password" for account "abc".
> >
> > command login
> > domain /
> > password password
> > response json
> > username abc
> >
> > Santhosh
> > ________________________________________
> > From: Salar Darwish [[email protected]<mailto:
> [email protected]
> > >]
> > Sent: Tuesday, December 24, 2013 3:51 PM
> > To: [email protected]<mailto:[email protected]>
> > Subject: password hash
> >
> > Hello all,
> >
> > I have a php web interface and i related the interface to the cloudstack
> > database with the creataccount api. Now i am getting problems when I try
> to
> > log in to this web interface.it<http://interface.it> seems to be a hash
> > problem. I am hashing
> > the password as below:
> >
> > $password = hash(sha256 ,$_POST['password']);
> >
> > but still can not login. Is this the right hash algorithm i am using?
> >
> > Kind regards and merry christmas!
> >
> > *Salar*
> >
> >
> >
> > --
> > Met vriendelijke groet,
> > Salar Darwish
> >
>
>
>
> --
> *Met vriendelijke groet,*
> *Salar Darwish*
>
