Ah so I just stumbled on this and answered my own question: http://www.caucho.com/resin-3.0/security/digest.xtp
By storing the digested form in the password field, it started working. Aaron > I am playing with the JdbcAuthenticator on Resin 4.0 and for some reason > I can not get it to authenticate properly. With the detail level set to > finest, I am always getting: > > mismatched password:aaron > > where "aaron" is the username I am trying to authenticate. > > I have tried trimming the password and even forcing it like: > > <password-query> select 'abcd' password from login where username = > ?</password-query> > > and cannot get it to authenticate. > > So the next question is, are the passwords stored in the database > plaintext or do they need to be encrypted? If they need to be > encrypted, what is the default digest for doing that? > > Thanks, > > Aaron > > > _______________________________________________ > resin-interest mailing list > resin-interest@caucho.com > http://maillist.caucho.com/mailman/listinfo/resin-interest > > > _______________________________________________ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
