directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stefan Zoerner (JIRA)" <j...@apache.org>
Subject [jira] Created: (DIRSERVER-1466) Support SHA-256 for userPassword values
Date Sun, 07 Feb 2010 18:00:28 GMT
Support SHA-256 for userPassword values
---------------------------------------

                 Key: DIRSERVER-1466
                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1466
             Project: Directory ApacheDS
          Issue Type: Improvement
          Components: core
    Affects Versions: 1.5.5
         Environment: ApacheDS 1.5.5
            Reporter: Stefan Zoerner
            Priority: Minor


Currently, ApacheDS 1.5.5 authenticates users with passwords stored with following algorithms:
* (plain text)
* SHA
* SSHA
* MD5
* SMD5
* CRYPT

see class org.apache.directory.server.core.authn.SimpleAuthenticator and enum org.apache.directory.shared.ldap.constants.LdapSecurityConstants.
Most of them are considered weak. http://www.schneier.com/essay-074.html

SHA-256 is not directly supported. How about adding it to the list?

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message