cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Vijayendra Bhamidipati <vijayendra.bhamidip...@citrix.com>
Subject Re: Review Request: Make SHA256Salt the default password encoding and authentication mechanism for cloudstack
Date Thu, 28 Mar 2013 21:34:13 GMT
Hugo/Kelven,

Please review the changes and let me know,

Thanks,
Regards,
Vijay

From: Vijayendra Bhamidipati <vijayendra.bhamidipati@citrix.com<mailto:vijayendra.bhamidipati@citrix.com>>
Reply-To: Vijayendra Bhamidipati <vijayendra.bhamidipati@citrix.com<mailto:vijayendra.bhamidipati@citrix.com>>
Date: Tuesday, March 19, 2013 10:03 PM
To: Kelven Yang <kelven.yang@citrix.com<mailto:kelven.yang@citrix.com>>
Cc: "cloudstack-dev@incubator.apache.org<mailto:cloudstack-dev@incubator.apache.org>"
<cloudstack-dev@incubator.apache.org<mailto:cloudstack-dev@incubator.apache.org>>,
Vijayendra Bhamidipati <vijayendra.bhamidipati@citrix.com<mailto:vijayendra.bhamidipati@citrix.com>>
Subject: Review Request: Make SHA256Salt the default password encoding and authentication
mechanism for cloudstack

This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/10039/

Review request for cloudstack and Kelven Yang.
By Venkata Siva Vijayendra Bhamidipati.
Description

Changing default password encoding mechanism from MD5 to SHA256Salted.


Testing

Manual testing done for both oss and nonoss components. Both admin and users added later are
encoded according to the scheme configured, and authenticated by the same scheme.

To change the order of the schemes, modify the following list properties in client/tomcatconf/nonossComponentContext.xml.in
or client/tomcatconf/componentContext.xml.in as applicable, to the desired order:

    <property name="UserAuthenticators">
         <list>
            <ref bean="SHA256SaltedUserAuthenticator"/>
            <ref bean="MD5UserAuthenticator"/>
            <ref bean="LDAPUserAuthenticator"/>
            <ref bean="PlainTextUserAuthenticator"/>
        </list>
    </property>

    <property name="UserPasswordEncoders">
        <list>
            <ref bean="SHA256SaltedUserAuthenticator"/>
             <ref bean="MD5UserAuthenticator"/>
             <ref bean="LDAPUserAuthenticator"/>
            <ref bean="PlainTextUserAuthenticator"/>
         </list>





Bugs: CS-1734
Diffs

 *   api/src/org/apache/cloudstack/api/command/admin/account/CreateAccountCmd.java (89673ea)
 *   api/src/org/apache/cloudstack/api/command/admin/user/CreateUserCmd.java (fb29e1a)
 *   api/src/org/apache/cloudstack/api/command/admin/user/UpdateUserCmd.java (1f31662)
 *   client/tomcatconf/componentContext.xml.in (016df0a)
 *   client/tomcatconf/nonossComponentContext.xml.in (8f8dae5)
 *   developer/developer-prefill.sql (6300d35)
 *   plugins/user-authenticators/ldap/src/com/cloud/server/auth/LDAPUserAuthenticator.java
(61eebe5)
 *   plugins/user-authenticators/md5/src/com/cloud/server/auth/MD5UserAuthenticator.java (026125e)
 *   plugins/user-authenticators/plain-text/src/com/cloud/server/auth/PlainTextUserAuthenticator.java
(52e7cb3)
 *   plugins/user-authenticators/sha256salted/src/com/cloud/server/auth/SHA256SaltedUserAuthenticator.java
(1b29f69)
 *   server/src/com/cloud/server/ManagementServerImpl.java (b689f93)
 *   server/src/com/cloud/user/AccountManagerImpl.java (b69f314)

View Diff<https://reviews.apache.org/r/10039/diff/>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message