cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Demetrius Tsitrelis (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CLOUDSTACK-6311) login is called with unhashed password
Date Mon, 31 Mar 2014 21:57:14 GMT
Demetrius Tsitrelis created CLOUDSTACK-6311:
-----------------------------------------------

             Summary: login is called with unhashed password
                 Key: CLOUDSTACK-6311
                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-6311
             Project: CloudStack
          Issue Type: Bug
      Security Level: Public (Anyone can view this level - this is the default.)
          Components: Doc
    Affects Versions: 4.3.0
            Reporter: Demetrius Tsitrelis


In the description of the password parameter on http://cloudstack.apache.org/docs/api/apidocs-4.3/root_admin/login.html
it says:

"Hashed password (Default is MD5). If you wish to use any other hashing algorithm, you would
need to write a custom authentication adapter See Docs section."

This was true for older versions of CloudStack but not anymore.  The password should be passed
as cleartext and the configured authenticators will then hash it with the appropriate algorithm.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message