incubator-clerezza-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Reto Bachmann-Gmür (JIRA) <>
Subject [jira] Closed: (CLEREZZA-421) Support for multiple user password encryptions
Date Mon, 21 Feb 2011 10:06:38 GMT


Reto Bachmann-Gmür closed CLEREZZA-421.

    Resolution: Fixed

Thanks Daniel for the very good patch

> Support for multiple user password encryptions
> ----------------------------------------------
>                 Key: CLEREZZA-421
>                 URL:
>             Project: Clerezza
>          Issue Type: New Feature
>            Reporter: Daniel Spicar
>            Assignee: Reto Bachmann-Gmür
>         Attachments: patch-CLEREZZA-421.diff
> We have an issue when we import users from a different system to clerezza. The users
have passwords encrypted in SSHA (not SHA-1 as clerezza uses). We do not have their clear-text
> Now I wonder how would you best enable clerezza to support logins with different password
encoding methods. Most likely a single user will only use one encoding but different users
can have different encodings. 
> I have seen you have WeightedAutenicationMethod services. But if I interpret this correctly
it won't solve my issue. I assume I am looking for a way to register multiple AutenticationChecker
services such that passwords can be checked against more than one of them. I don't see this
implemented so far.
> Some questions with this would be:
> - do we simply add new properties for differently encoded passwords (passwordSsha, passwordSha1,
...) or do we change the ontology so a password resource contains both, the encrypted string
as a literal and a uri designating the password encoding method?
> - can the user have more than one such password resources (the password encoded in multiple
encryption methods)?
> - how to update user passwords? (e.g. delete all passwords and add a new one in the default
encoding of the platform) 
> I could provide a patch for this issue but we should define how we want to resolve it

This message is automatically generated by JIRA.
For more information on JIRA, see:


View raw message