[cas-user] Issue when using JSON (Whitelist) Authentication with Password Encoding

Wed, 12 Sep 2018 13:13:05 -0700 

Hi all,

I have a problem when using JSON  Authentication with Password Encoding.
I used both CAS versions 5.3.2 and 5.3.3, and below is the used config:

*Properties:*

cas.authn.json.location=file:/path_xx/users-SHA-256.json
#cas.authn.json.name=
cas.authn.json.passwordEncoder.type=DEFAULT
cas.authn.json.passwordEncoder.encodingAlgorithm=SHA-256
cas.authn.json.passwordEncoder.characterEncoding=UTF-8



JSON file:

{
  "@class" : "java.util.LinkedHashMap",  

  "admin" : {
  "@class" : "org.apereo.cas.adaptors.generic.CasUserAccount",
  "password" : 
"*8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918*",
  "attributes" : {
    "@class" : "java.util.LinkedHashMap",
    "kkkkkk" : "vvvvvvv"
  },
  "status" : "OK",
  "expirationDate" : "2019-12-31"
  }

}



*Log:*
2018-09-12 21:29:49,399 DEBUG 
[org.apereo.cas.util.crypto.DefaultPasswordEncoder] - <Using [UTF-8] as the 
character encoding algorithm to update the digest>
2018-09-12 21:29:49,402 DEBUG 
[org.apereo.cas.util.crypto.DefaultPasswordEncoder] - <Encoded password via 
algorithm [SHA-256] and character-encoding [UTF-8] is 
[8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918]>
2018-09-12 21:29:49,430 DEBUG 
[org.apereo.cas.util.crypto.DefaultPasswordEncoder] - <Using [UTF-8] as the 
character encoding algorithm to update the digest>
2018-09-12 21:29:49,431 DEBUG 
[org.apereo.cas.util.crypto.DefaultPasswordEncoder] - <Encoded password via 
algorithm [SHA-256] and character-encoding [UTF-8] is 
[998ed4d621742d0c2d85ed84173db569afa194d4597686cae947324aa58ab4bb]>
2018-09-12 21:29:49,431 DEBUG 
[org.apereo.cas.util.crypto.DefaultPasswordEncoder] - <Provided password 
does not match the encoded password>

*Problem:*
According to the debug info, CAS encodes the password *twice*, and the 
second encoding is wrong. I don't understand how it is produced.
I used as password '*admin*', which SHA-256 encoding is 
*8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918*.
But CAS considers the second encoding, i.e., 
*998ed4d621742d0c2d85ed84173db569afa194d4597686cae947324aa58ab4bb* (when I 
use this encoding it works).

*Thank you in advance for your help :)*

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/4fb02cde-2a9a-43ee-a127-e01accfcc494%40apereo.org.

Reply via email to