cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Salar Darwish <salardarw...@gmail.com>
Subject Re: password hash
Date Wed, 25 Dec 2013 09:22:46 GMT
Dear Santhosh,

I do not use the login api . I use a mysql query to login into the web
interface. when i use the password from the database(hashed) i can login
with no problems. i tried to encrypt the password query i am sending to the
database to MD5 but still can not login.

after your mail i tried to use the login api but i get the folowing error:
"{ \"error\" : { \"description\" : \"Internal Server Error\" } }"



2013/12/25 Santhosh Edukulla <santhosh.edukulla@citrix.com>

> 1. you are using "login" command to verify your account created through
> "createAccount"?
>
>
> 2. The API description for "login" mentions below. See the description for
> argument password.
>
> <command>
>     <name>login</name>
>     <description>Logs a user into the CloudStack. A successful login
> attempt will generate a JSESSIONID cookie value that can be passed in
> subsequent Query command calls until the &quot;logout&quot; command has
> been issued or the session has expired.</description>
>     <isAsync>false</isAsync>
>     <request>
>       <arg>
>         <name>username</name>
>         <description>Username</description>
>         <required>true</required>
>       </arg>
>       <arg>
>         <name>password</name>
>         <description>Hashed password (Default is MD5). If you wish to use
> any other hashing algorithm, you would need to write a custom
> authentication adapter See Docs section.</description>
>         <required>true</required>
>       </arg>
>       <arg>
>         <name>domain</name>
>         <description>path of the domain that the user belongs to. Example:
> domain=/com/cloud/internal.  If no domain is passed in, the ROOT domain is
> assumed.</description>
>         <required>false</required>
>       </arg>
>       <arg>
>         <name>domainId</name>
>         <description>id of the domain that the user belongs to. If both
> domain and domainId are passed in, &quot;domainId&quot; parameter takes
> precendence</description>
>         <required>false</required>
>       </arg>
>     </request>
>
> 3. What happens if you just pass the password as it is to "login" cmd?
> This is what got captured in firebug, when i logged in to CS. Here,
> password is "password" for account "abc".
>
> command login
> domain  /
> password        password
> response        json
> username        abc
>
> Santhosh
> ________________________________________
> From: Salar Darwish [salardarwish@gmail.com]
> Sent: Tuesday, December 24, 2013 3:51 PM
> To: users@cloudstack.apache.org
> Subject: password hash
>
> Hello all,
>
> I have a php web interface and i related the interface to the cloudstack
> database with the creataccount api. Now i am getting problems when I try to
> log in to this web interface.it seems to be a hash problem. I am hashing
> the password as below:
>
> $password = hash(sha256 ,$_POST['password']);
>
> but still can not login. Is this the right hash algorithm i am using?
>
> Kind regards and merry christmas!
>
> *Salar*




-- 
*Met vriendelijke groet,*
*Salar Darwish*

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message