incubator-clerezza-dev mailing list archives

From "Daniel Spicar (JIRA)" <>
Subject [jira] Updated: (CLEREZZA-421) Support for multiple user password encryptions
Date Thu, 17 Feb 2011 16:16:24 GMT


Daniel Spicar updated CLEREZZA-421:

    Attachment: patch-CLEREZZA-421.diff

A patch introducing a new service that binds multiple AuthenticationCheckers. Existing authentication
methods are updated to use the new service.

This allows bundles to register custom authentication checkers in order to deal with different
password encodings. The differently encoded passwords should be stored in different properties
than the existing permission:passwordSha1 property. 

> Support for multiple user password encryptions
> ----------------------------------------------
>                 Key: CLEREZZA-421
>                 URL:
>             Project: Clerezza
>          Issue Type: New Feature
>            Reporter: Daniel Spicar
>         Attachments: patch-CLEREZZA-421.diff
> We have an issue when we import users from a different system to Clerezza. The users have passwords encrypted in SSHA (not SHA-1 as Clerezza uses). We do not have their clear-text
> Now I wonder how you would best enable Clerezza to support logins with different password encoding methods. Most likely a single user will only use one encoding but different users can have different encodings.
> I have seen you have WeightedAuthenticationMethod services. But if I interpret this correctly it won't solve my issue. I assume I am looking for a way to register multiple AuthenticationChecker services such that passwords can be checked against more than one of them. I don't see this implemented so far.
> Some questions with this would be:
> - do we simply add new properties for differently encoded passwords (passwordSsha, passwordSha1, ...) or do we change the ontology so a password resource contains both the encrypted string as a literal and a URI designating the password encoding method?
> - can the user have more than one such password resource (the password encoded in multiple encryption methods)?
> - how to update user passwords? (e.g. delete all passwords and add a new one in the default encoding of the platform)
> I could provide a patch for this issue but we should define how we want to resolve it

This message is automatically generated by JIRA.
For more information on JIRA, see:

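The dispatch described in the comment above, as an added sketch that is not part of the attached patch or of Clerezza's code: each checker handles one stored encoding, and a login succeeds when any applicable checker accepts. All function names, the `passwordSsha` record key, the hex form of the SHA-1 value and the sample users are assumptions; the `{SSHA}` layout is the common LDAP one, base64 of the SHA-1 digest followed by the salt.

```python
import base64
import hashlib
import hmac

def make_ssha(password, salt):
    """Build an LDAP-style value: {SSHA} + base64(SHA1(password + salt) + salt)."""
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")

# Constructed sample records: one native account (unsalted SHA-1, assumed hex)
# and one imported account whose SSHA value sits in a separate property.
USERS = {
    "alice": {"passwordSha1": hashlib.sha1(b"alice-pw").hexdigest()},
    "bob": {"passwordSsha": make_ssha("bob-pw", b"\x01\x02\x03\x04")},
}

def check_sha1(user, password):
    stored = user.get("passwordSha1")
    if stored is None:
        return None  # checker does not apply to this user
    computed = hashlib.sha1(password.encode("utf-8")).hexdigest()
    return hmac.compare_digest(computed, stored.lower())

def check_ssha(user, password):
    stored = user.get("passwordSsha")
    if stored is None:
        return None  # checker does not apply to this user
    if not stored.startswith("{SSHA}"):
        return False
    try:
        raw = base64.b64decode(stored[len("{SSHA}"):], validate=True)
    except ValueError:
        return False  # a malformed stored value never authenticates
    if len(raw) <= 20:
        return False  # 20 bytes of SHA-1 digest must be followed by a salt
    digest, salt = raw[:20], raw[20:]
    computed = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(computed, digest)

CHECKERS = [check_sha1, check_ssha]  # stands in for the bound checker services

def authenticate(username, password):
    user = USERS.get(username)
    if user is None:
        return False
    # Deny unless at least one applicable checker explicitly accepts.
    return any(check(user, password) is True for check in CHECKERS)
```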
