incubator-cloudstack-dev mailing list archives

From Chip Childers <chip.child...@sungard.com>
Subject Re: Review Request: Make SHA256Salt the default password encoding and authentication mechanism for cloudstack
Date Wed, 20 Mar 2013 18:16:50 GMT
On Wed, Mar 20, 2013 at 11:36:10PM +0530, prasanna wrote:
> Is this a new feature or did I miss the discussion around this?

It seems to be a straightforward change, but what's the reasoning for
this, Venkata?

Are the upgrade scenarios considered here?

> 
> On 20 March 2013 10:33, Venkata Siva Vijayendra Bhamidipati
> <vijayendra.bhamidipati@citrix.com> wrote:
> >
> > -----------------------------------------------------------
> > This is an automatically generated e-mail. To reply, visit:
> > https://reviews.apache.org/r/10039/
> > -----------------------------------------------------------
> >
> > Review request for cloudstack and Kelven Yang.
> >
> >
> > Description
> > -------
> >
> > Changing default password encoding mechanism from MD5 to SHA256Salted.
> >
> >
> > This addresses bug CS-1734.
> >
> >
> > Diffs
> > -----
> >
> >   api/src/org/apache/cloudstack/api/command/admin/account/CreateAccountCmd.java 89673ea
> >   api/src/org/apache/cloudstack/api/command/admin/user/CreateUserCmd.java fb29e1a
> >   api/src/org/apache/cloudstack/api/command/admin/user/UpdateUserCmd.java 1f31662
> >   client/tomcatconf/componentContext.xml.in 016df0a
> >   client/tomcatconf/nonossComponentContext.xml.in 8f8dae5
> >   developer/developer-prefill.sql 6300d35
> >   plugins/user-authenticators/ldap/src/com/cloud/server/auth/LDAPUserAuthenticator.java 61eebe5
> >   plugins/user-authenticators/md5/src/com/cloud/server/auth/MD5UserAuthenticator.java 026125e
> >   plugins/user-authenticators/plain-text/src/com/cloud/server/auth/PlainTextUserAuthenticator.java 52e7cb3
> >   plugins/user-authenticators/sha256salted/src/com/cloud/server/auth/SHA256SaltedUserAuthenticator.java 1b29f69
> >   server/src/com/cloud/server/ManagementServerImpl.java b689f93
> >   server/src/com/cloud/user/AccountManagerImpl.java b69f314
> >
> > Diff: https://reviews.apache.org/r/10039/diff/
> >
> >
> > Testing
> > -------
> >
> > Manual testing done for both oss and nonoss components. Both admin and users added later are encoded according to the scheme configured, and authenticated by the same scheme.
> >
> > To change the order of the schemes, modify the following list properties in client/tomcatconf/nonossComponentContext.xml.in or client/tomcatconf/componentContext.xml.in as applicable, to the desired order:
> >
> >     <property name="UserAuthenticators">
> >         <list>
> >             <ref bean="SHA256SaltedUserAuthenticator"/>
> >             <ref bean="MD5UserAuthenticator"/>
> >             <ref bean="LDAPUserAuthenticator"/>
> >             <ref bean="PlainTextUserAuthenticator"/>
> >         </list>
> >     </property>
> >
> >     <property name="UserPasswordEncoders">
> >         <list>
> >             <ref bean="SHA256SaltedUserAuthenticator"/>
> >             <ref bean="MD5UserAuthenticator"/>
> >             <ref bean="LDAPUserAuthenticator"/>
> >             <ref bean="PlainTextUserAuthenticator"/>
> >         </list>
> >     </property>
> >
> >
> > Thanks,
> >
> > Venkata Siva Vijayendra Bhamidipati
> >
> 
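
Added example, not part of the original message or of CloudStack's code: a Python sketch of an ordered authenticator/encoder chain like the two lists quoted above, showing that an account stored under MD5 still logs in when SHA256Salted is listed first, and one way the upgrade question could be handled by re-encoding on a successful login. The storage format, function names and sample passwords are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import os

def md5_encode(password):
    # Legacy scheme: unsalted MD5 hex digest.
    return hashlib.md5(password.encode()).hexdigest()

def md5_verify(password, stored):
    return hmac.compare_digest(md5_encode(password).encode(), stored.encode())

def sha256salt_encode(password, salt=None):
    # Assumed format "<b64 salt>:<b64 digest>", digest = SHA-256(salt || password).
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.sha256(salt + password.encode()).digest()
    return base64.b64encode(salt).decode() + ":" + base64.b64encode(digest).decode()

def sha256salt_verify(password, stored):
    parts = stored.split(":")
    if len(parts) != 2:
        return False  # not this scheme's format, e.g. a legacy MD5 row
    try:
        salt = base64.b64decode(parts[0], validate=True)
    except ValueError:
        return False
    return hmac.compare_digest(sha256salt_encode(password, salt).encode(), stored.encode())

# Ordered lists mirroring the two <list> properties; the first encoder is the default.
AUTHENTICATORS = [("SHA256Salted", sha256salt_verify), ("MD5", md5_verify)]
ENCODERS = [("SHA256Salted", sha256salt_encode), ("MD5", md5_encode)]

def authenticate(password, stored):
    """Return the name of the first scheme that accepts the password, else None."""
    for name, verify in AUTHENTICATORS:
        if verify(password, stored):
            return name
    return None

def login(db, user, password):
    """Authenticate; if a non-default scheme matched, re-encode with the default."""
    scheme = authenticate(password, db[user])
    if scheme is not None and scheme != ENCODERS[0][0]:
        db[user] = ENCODERS[0][1](password)  # assumed upgrade step, not from the patch
    return scheme

# Constructed sample data: one account created before the change, one after.
SAMPLE_DB = {"old_admin": md5_encode("constructed-pw-1"),
             "new_user": sha256salt_encode("constructed-pw-2")}
```

If MD5 were dropped from the authenticator list without such a migration step, the `old_admin` row could no longer be verified by any scheme.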
