Hugo/Kelven, Please review the changes and let me know,
Thanks, Regards, Vijay From: Vijayendra Bhamidipati <vijayendra.bhamidip...@citrix.com<mailto:vijayendra.bhamidip...@citrix.com>> Reply-To: Vijayendra Bhamidipati <vijayendra.bhamidip...@citrix.com<mailto:vijayendra.bhamidip...@citrix.com>> Date: Tuesday, March 19, 2013 10:03 PM To: Kelven Yang <kelven.y...@citrix.com<mailto:kelven.y...@citrix.com>> Cc: "cloudstack-...@incubator.apache.org<mailto:cloudstack-...@incubator.apache.org>" <cloudstack-...@incubator.apache.org<mailto:cloudstack-...@incubator.apache.org>>, Vijayendra Bhamidipati <vijayendra.bhamidip...@citrix.com<mailto:vijayendra.bhamidip...@citrix.com>> Subject: Review Request: Make SHA256Salt the default password encoding and authentication mechanism for cloudstack This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/10039/ Review request for cloudstack and Kelven Yang. By Venkata Siva Vijayendra Bhamidipati. Description Changing default password encoding mechanism from MD5 to SHA256Salted. Testing Manual testing done for both oss and nonoss components. Both admin and users added later are encoded according to the scheme configured, and authenticated by the same scheme. To change the order of the schemes, modify the following list properties in client/tomcatconf/nonossComponentContext.xml.in or client/tomcatconf/componentContext.xml.in as applicable, to the desired order: <property name="UserAuthenticators"> <list> <ref bean="SHA256SaltedUserAuthenticator"/> <ref bean="MD5UserAuthenticator"/> <ref bean="LDAPUserAuthenticator"/> <ref bean="PlainTextUserAuthenticator"/> </list> </property> <property name="UserPasswordEncoders"> <list> <ref bean="SHA256SaltedUserAuthenticator"/> <ref bean="MD5UserAuthenticator"/> <ref bean="LDAPUserAuthenticator"/> <ref bean="PlainTextUserAuthenticator"/> </list> Bugs: CS-1734 Diffs * api/src/org/apache/cloudstack/api/command/admin/account/CreateAccountCmd.java (89673ea) * api/src/org/apache/cloudstack/api/command/admin/user/CreateUserCmd.java (fb29e1a) * api/src/org/apache/cloudstack/api/command/admin/user/UpdateUserCmd.java (1f31662) * client/tomcatconf/componentContext.xml.in (016df0a) * client/tomcatconf/nonossComponentContext.xml.in (8f8dae5) * developer/developer-prefill.sql (6300d35) * plugins/user-authenticators/ldap/src/com/cloud/server/auth/LDAPUserAuthenticator.java (61eebe5) * plugins/user-authenticators/md5/src/com/cloud/server/auth/MD5UserAuthenticator.java (026125e) * plugins/user-authenticators/plain-text/src/com/cloud/server/auth/PlainTextUserAuthenticator.java (52e7cb3) * plugins/user-authenticators/sha256salted/src/com/cloud/server/auth/SHA256SaltedUserAuthenticator.java (1b29f69) * server/src/com/cloud/server/ManagementServerImpl.java (b689f93) * server/src/com/cloud/user/AccountManagerImpl.java (b69f314) View Diff<https://reviews.apache.org/r/10039/diff/>