[jira] Updated: (CLEREZZA-421) Support for multiple user password encryptions

Thu, 17 Feb 2011 08:16:53 -0800 

     [ 
https://issues.apache.org/jira/browse/CLEREZZA-421?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Daniel Spicar updated CLEREZZA-421:
-----------------------------------

    Attachment: patch-CLEREZZA-421.diff

A Patch introducing a new service that binds multiple AuthenticationCheckers. 
Existing authentication methods are updated to use the new service.

This allows bundles to register custom authentication checkers in order to deal 
with different password encodings. The differently encoded passwords should be 
stored in different properties than the existing permission:passwordSha1 
property. 

> Support for multiple user password encryptions
> ----------------------------------------------
>
>                 Key: CLEREZZA-421
>                 URL: https://issues.apache.org/jira/browse/CLEREZZA-421
>             Project: Clerezza
>          Issue Type: New Feature
>            Reporter: Daniel Spicar
>         Attachments: patch-CLEREZZA-421.diff
>
>
> We have an issue when we import users from a different system to clerezza. 
> The users have passwords encrypted in SSHA (not SHA-1 as clerezza uses). We 
> do not have their clear-text passwords.
> Now I wonder how would you best enable clerezza to support logins with 
> different password encoding methods. Most likely a single user will only use 
> one encoding but different users can have different encodings. 
> I have seen you have WeightedAutenicationMethod services. But if I interpret 
> this correctly it won't solve my issue. I assume I am looking for a way to 
> register multiple AutenticationChecker services such that passwords can be 
> checked against more than one of them. I don't see this implemented so far.
> Some questions with this would be:
> - do we simply add new properties for differently encoded passwords 
> (passwordSsha, passwordSha1, ...) or do we change the ontology so a password 
> resource contains both, the encrypted string as a literal and a uri 
> designating the password encoding method?
> - can the user have more than one such password resources (the password 
> encoded in multiple encryption methods)?
> - how to update user passwords? (e.g. delete all passwords and add a new one 
> in the default encoding of the platform) 
> I could provide a patch for this issue but we should define how we want to 
> resolve it first.

-- 
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to