cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Salar Darwish <salardarw...@gmail.com>
Subject Re: password hash
Date Wed, 25 Dec 2013 10:58:45 GMT
Yes ik use port8096 and that was indeed the resason i get the error. I
changed that to port 8080 and now i get a session key as you mentioned. How
can i use this sessionkey?


2013/12/25 Santhosh Edukulla <santhosh.edukulla@citrix.com>

> 1. How you are retrieving the sessionkey with your mysqlquery?
>
> 2. I believe you are using Authentication Port 8080. If yes, below is the
> POST url along with params for login cmd. This should give the sessionkey
> for your further communication with CS.
>
> Request:
> http://localhost:8080/client/api
>
> command login
> domain  /
> password        password
> response        json
> username        abc
>
> Response:
>
> { "loginresponse" : { "timeout" : "1800", "sessionkey" :
> "tBr9fYLiIzoKVPQK0TBJb1BCeoQ=", "username" : "admin", "registered" :
> "false", "userid" : "ce801a0a-6d58-11e3-924d-7ac46bc9b016", "lastname" :
> "User", "account" : "admin", "domainid" :
> "ce7c8c82-6d58-11e3-924d-7ac46bc9b016", "firstname" : "Admin", "type" : "1"
> } }
>
> 3. If you are using UnAuthenticated Port 8096 to communicate, you need to
> use apiKey,signature and command parameters with your POST request to CS.
>
> Santhosh
> ________________________________________
> From: Salar Darwish [salardarwish@gmail.com]
> Sent: Wednesday, December 25, 2013 4:22 AM
> To: users@cloudstack.apache.org; Santhosh Edukulla
> Subject: Re: password hash
>
> Dear Santhosh,
>
> I do not use the login api . I use a mysql query to login into the web
> interface. when i use the password from the database(hashed) i can login
> with no problems. i tried to encrypt the password query i am sending to the
> database to MD5 but still can not login.
>
> after your mail i tried to use the login api but i get the folowing error:
> "{ \"error\" : { \"description\" : \"Internal Server Error\" } }"
>
>
>
> 2013/12/25 Santhosh Edukulla <santhosh.edukulla@citrix.com<mailto:
> santhosh.edukulla@citrix.com>>
> 1. you are using "login" command to verify your account created through
> "createAccount"?
>
>
> 2. The API description for "login" mentions below. See the description for
> argument password.
>
> <command>
>     <name>login</name>
>     <description>Logs a user into the CloudStack. A successful login
> attempt will generate a JSESSIONID cookie value that can be passed in
> subsequent Query command calls until the &quot;logout&quot; command has
> been issued or the session has expired.</description>
>     <isAsync>false</isAsync>
>     <request>
>       <arg>
>         <name>username</name>
>         <description>Username</description>
>         <required>true</required>
>       </arg>
>       <arg>
>         <name>password</name>
>         <description>Hashed password (Default is MD5). If you wish to use
> any other hashing algorithm, you would need to write a custom
> authentication adapter See Docs section.</description>
>         <required>true</required>
>       </arg>
>       <arg>
>         <name>domain</name>
>         <description>path of the domain that the user belongs to. Example:
> domain=/com/cloud/internal.  If no domain is passed in, the ROOT domain is
> assumed.</description>
>         <required>false</required>
>       </arg>
>       <arg>
>         <name>domainId</name>
>         <description>id of the domain that the user belongs to. If both
> domain and domainId are passed in, &quot;domainId&quot; parameter takes
> precendence</description>
>         <required>false</required>
>       </arg>
>     </request>
>
> 3. What happens if you just pass the password as it is to "login" cmd?
> This is what got captured in firebug, when i logged in to CS. Here,
> password is "password" for account "abc".
>
> command login
> domain  /
> password        password
> response        json
> username        abc
>
> Santhosh
> ________________________________________
> From: Salar Darwish [salardarwish@gmail.com<mailto:salardarwish@gmail.com
> >]
> Sent: Tuesday, December 24, 2013 3:51 PM
> To: users@cloudstack.apache.org<mailto:users@cloudstack.apache.org>
> Subject: password hash
>
> Hello all,
>
> I have a php web interface and i related the interface to the cloudstack
> database with the creataccount api. Now i am getting problems when I try to
> log in to this web interface.it<http://interface.it> seems to be a hash
> problem. I am hashing
> the password as below:
>
> $password = hash(sha256 ,$_POST['password']);
>
> but still can not login. Is this the right hash algorithm i am using?
>
> Kind regards and merry christmas!
>
> *Salar*
>
>
>
> --
> Met vriendelijke groet,
> Salar Darwish
>



-- 
*Met vriendelijke groet,*
*Salar Darwish*

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message