Why not changing other admin logins pwd encryption? Production sites should not
use this pwd anyway (even if they are based on trunk).
We need to provide a simple mean to increase the currentPassword field size.
Could be as simple as an entry in
https://cwiki.apache.org/confluence/display/OFBIZ/Revisions+Requiring+Data+Migration+-+upgrade+ofbiz
with ALTER TABLE UserLogin ALTER COLUMN currentPassword varchar(255)
Also nitpicking but I see no reasons to have blank lines between privates in
HashCrypt ;)
Jacques
Le 05/12/2016 à 09:44, Nicolas Malin a écrit :
hello Shi
I think it's better to use a StringBuilder to build this.
Cheers,
Nicolas
Le 05/12/2016 à 02:32, sh...@apache.org a écrit :
+ return pbkdf2Type + "$" + PBKDF2_ITERATIONS + "$" + salt + "$" +
new String(hash);