Return-Path: X-Original-To: apmail-cloudstack-dev-archive@www.apache.org Delivered-To: apmail-cloudstack-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 086EEF989 for ; Thu, 28 Mar 2013 21:34:39 +0000 (UTC) Received: (qmail 79286 invoked by uid 500); 28 Mar 2013 21:34:38 -0000 Delivered-To: apmail-cloudstack-dev-archive@cloudstack.apache.org Received: (qmail 79227 invoked by uid 500); 28 Mar 2013 21:34:38 -0000 Mailing-List: contact dev-help@cloudstack.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cloudstack.apache.org Delivered-To: mailing list dev@cloudstack.apache.org Received: (qmail 79219 invoked by uid 500); 28 Mar 2013 21:34:38 -0000 Delivered-To: apmail-incubator-cloudstack-dev@incubator.apache.org Received: (qmail 79215 invoked by uid 99); 28 Mar 2013 21:34:38 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 28 Mar 2013 21:34:38 +0000 X-ASF-Spam-Status: No, hits=-2.8 required=5.0 tests=HTML_MESSAGE,RCVD_IN_DNSWL_HI,SPF_HELO_PASS,SPF_PASS,URIBL_DBL_REDIR X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of vijayendra.bhamidipati@citrix.com designates 66.165.176.89 as permitted sender) Received: from [66.165.176.89] (HELO SMTP.CITRIX.COM) (66.165.176.89) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 28 Mar 2013 21:34:32 +0000 X-IronPort-AV: E=Sophos;i="4.87,367,1363132800"; d="scan'208,217";a="16268415" Received: from sjcpmailmx01.citrite.net ([10.216.14.74]) by FTLPIPO01.CITRIX.COM with ESMTP/TLS/RC4-MD5; 28 Mar 2013 21:34:09 +0000 Received: from SJCPMAILBOX01.citrite.net ([10.216.4.73]) by SJCPMAILMX01.citrite.net ([10.216.14.74]) with mapi; Thu, 28 Mar 2013 14:34:09 -0700 From: Vijayendra Bhamidipati To: "cloudstack-dev@incubator.apache.org" CC: Hugo Trippaers , Kelven Yang Date: Thu, 28 Mar 2013 14:34:13 -0700 Subject: Re: Review Request: Make SHA256Salt the default password encoding and authentication mechanism for cloudstack Thread-Topic: Review Request: Make SHA256Salt the default password encoding and authentication mechanism for cloudstack Thread-Index: Ac4r+/saHioCFVWASXmdwPqISvIy1w== Message-ID: In-Reply-To: <20130320050330.6650.54960@reviews.apache.org> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/14.3.2.130206 acceptlanguage: en-US Content-Type: multipart/alternative; boundary="_000_CD7A035DA216vijayendrabhamidipaticitrixcom_" MIME-Version: 1.0 X-Virus-Checked: Checked by ClamAV on apache.org --_000_CD7A035DA216vijayendrabhamidipaticitrixcom_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hugo/Kelven, Please review the changes and let me know, Thanks, Regards, Vijay From: Vijayendra Bhamidipati > Reply-To: Vijayendra Bhamidipati > Date: Tuesday, March 19, 2013 10:03 PM To: Kelven Yang > Cc: "cloudstack-dev@incubator.apache.org" >, Vijayendra Bhamidipati > Subject: Review Request: Make SHA256Salt the default password encoding and = authentication mechanism for cloudstack This is an automatically generated e-mail. To reply, visit: https://reviews= .apache.org/r/10039/ Review request for cloudstack and Kelven Yang. By Venkata Siva Vijayendra Bhamidipati. Description Changing default password encoding mechanism from MD5 to SHA256Salted. Testing Manual testing done for both oss and nonoss components. Both admin and user= s added later are encoded according to the scheme configured, and authentic= ated by the same scheme. To change the order of the schemes, modify the following list properties in= client/tomcatconf/nonossComponentContext.xml.in or client/tomcatconf/compo= nentContext.xml.in as applicable, to the desired order: Bugs: CS-1734 Diffs * api/src/org/apache/cloudstack/api/command/admin/account/CreateAccountC= md.java (89673ea) * api/src/org/apache/cloudstack/api/command/admin/user/CreateUserCmd.jav= a (fb29e1a) * api/src/org/apache/cloudstack/api/command/admin/user/UpdateUserCmd.jav= a (1f31662) * client/tomcatconf/componentContext.xml.in (016df0a) * client/tomcatconf/nonossComponentContext.xml.in (8f8dae5) * developer/developer-prefill.sql (6300d35) * plugins/user-authenticators/ldap/src/com/cloud/server/auth/LDAPUserAut= henticator.java (61eebe5) * plugins/user-authenticators/md5/src/com/cloud/server/auth/MD5UserAuthe= nticator.java (026125e) * plugins/user-authenticators/plain-text/src/com/cloud/server/auth/Plain= TextUserAuthenticator.java (52e7cb3) * plugins/user-authenticators/sha256salted/src/com/cloud/server/auth/SHA= 256SaltedUserAuthenticator.java (1b29f69) * server/src/com/cloud/server/ManagementServerImpl.java (b689f93) * server/src/com/cloud/user/AccountManagerImpl.java (b69f314) View Diff --_000_CD7A035DA216vijayendrabhamidipaticitrixcom_--