On 28/03/2013 18:58, Guido Irrelevant wrote:
Hi all,
I am currently reviewing [1] as part of SYNCOPE-276 and I've just realized
that, since SYNCOPE-51 removed support for MD5 (as password cipher algorithm),
we might have a considerable upgrade problem.
What about an existing 1.0.X installation with MD5 passwords? When upgrading to
1.1.0, no user will be able to authenticate any more, because the values of the
'password' column in the 'SyncopeUser' table cannot be verified with any of the
available cipher algorithms.
What can we suggest as best practice in this case?
IMO we can provide a class extending SyncopeAuthenticationProvider [2], able to
check authentication for MD5 users and leaving the rest to SyncopeAuthenticationProvider.
This new authenticator can then be configured in securityContext.xml [3], allowing
people to keep this as a temporary workaround until all users have changed their
password with the newly configured cipher algorithm.
WDYT? Can you think of a better alternative?
If I understand it correctly, the disadvantage of this approach would be that
the hash of a user stays vulnerable until she changes her password.
This is rather the rationale behind SYNCOPE-51.
The problem I am discussing here is how to deal with existing Syncope
1.0.X installations willing to migrate to upcoming 1.1.0, when MD5 was
chosen for user passwords.
IMO a more secure but also more complicated approach for migration would be to
rehash the MD5 password hashes in a secure way. It seems that Drupal followed such
an approach: http://drupal.org/node/1349758
If one wants to have hashes based on a standard algorithm, one could in addition
change such a rehashed hash to a standard (e.g. bcrypt) hash once the user logs in
and Syncope sees the password in clear (possibly this could also be done by
SyncopeAuthenticationProvider).
http://blog.jgc.org/2012/06/one-way-to-fix-your-rubbish-password.html describes
such an approach.
There also was an interesting discussion on migration of MD5 passwords on
stackoverflow:
http://stackoverflow.com/questions/10771198/migrate-old-md5-passwords-to-bcrypt-passwords
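The two-step migration described above (wrap the stored MD5 digests offline, then replace the wrapped hash with a proper one at the first successful login), as an added example that is not part of this thread or of Apache Syncope. It uses hashlib's PBKDF2 as a stand-in for bcrypt so it runs with the standard library only; the record layout and function names are hypothetical.

```python
import hashlib
import hmac
import os

# Hypothetical record layout: {"alg": ..., "salt": hex, "hash": hex}.
# "MD5" is the legacy unsalted scheme, "PBKDF2" is the target scheme and
# "PBKDF2(MD5)" is the wrapped form: the old MD5 digest, not the password,
# is the PBKDF2 input, so it can be produced without the clear password.
ITERATIONS = 50_000

def _pbkdf2(secret: bytes, salt: bytes) -> str:
    return hashlib.pbkdf2_hmac("sha256", secret, salt, ITERATIONS).hex()

def _md5_hex(password: str) -> str:
    return hashlib.md5(password.encode("utf-8")).hexdigest()

def wrap_legacy_md5(record: dict) -> dict:
    """Offline step: wrap a stored MD5 digest so the raw MD5 no longer sits in the DB."""
    if record["alg"] != "MD5":
        return record
    salt = os.urandom(16)
    return {"alg": "PBKDF2(MD5)", "salt": salt.hex(),
            "hash": _pbkdf2(record["hash"].encode("ascii"), salt)}

def hash_password(password: str) -> dict:
    salt = os.urandom(16)
    return {"alg": "PBKDF2", "salt": salt.hex(),
            "hash": _pbkdf2(password.encode("utf-8"), salt)}

def authenticate(record: dict, password: str):
    """Return (ok, record_to_store). After a successful login against a legacy or
    wrapped record, record_to_store is a fresh PBKDF2 hash of the clear password."""
    alg = record["alg"]
    if alg == "MD5":
        ok = hmac.compare_digest(_md5_hex(password), record["hash"])
    elif alg == "PBKDF2(MD5)":
        salt = bytes.fromhex(record["salt"])
        ok = hmac.compare_digest(_pbkdf2(_md5_hex(password).encode("ascii"), salt), record["hash"])
    elif alg == "PBKDF2":
        salt = bytes.fromhex(record["salt"])
        ok = hmac.compare_digest(_pbkdf2(password.encode("utf-8"), salt), record["hash"])
    else:
        raise ValueError(f"unknown algorithm {alg!r}")
    if ok and alg != "PBKDF2":
        return True, hash_password(password)   # upgrade in place on successful login
    return ok, record

# Constructed sample: a 1.0.X-style user whose password was stored as plain MD5.
LEGACY_USER = {"alg": "MD5", "hash": _md5_hex("s3cret-constructed")}
```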
This possibility is very interesting indeed, but I see it as
complementary to the solution I've proposed above: once we provide
a special authenticator for dealing with old MD5 passwords, one could
decide to extend it in his own project in order to deal with more
sophisticated approaches (like the rehashing proposed by you).
We might add this possibility (including URL references) to the
migration wiki page [1] that I am going to complete soon as per SYNCOPE-276.
Thanks for contributing.
Regards.
[1] https://cwiki.apache.org/confluence/display/SYNCOPE/Upgrade+instructions
--
Francesco Chicchiriccò
ASF Member, Apache Syncope PMC chair, Apache Cocoon PMC Member
http://people.apache.org/~ilgrosso/