[ https://issues.apache.org/jira/browse/SYNCOPE-513?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14045752#comment-14045752 ]
ASF subversion and git services commented on SYNCOPE-513:
---------------------------------------------------------

Commit 1605998 from [~ilgrosso] in branch 'syncope/trunk'
[ https://svn.apache.org/r1605998 ]

[SYNCOPE-513] Sensible configuration provided via security.properties

> Make value encryption parametric
> --------------------------------
>
>                 Key: SYNCOPE-513
>                 URL: https://issues.apache.org/jira/browse/SYNCOPE-513
>             Project: Syncope
>          Issue Type: Improvement
>          Components: core
>    Affects Versions: 1.1.8
>            Reporter: Yann Diorcet
>            Assignee: Francesco Chicchiriccò
>             Fix For: 1.2.0
>
>
> In {{PasswordEncoder}} (1.1.X) / {{Encryptor}} (1.2.X) class the salt
> mechanism configuration is hardcoded.
> If the LDAP server doesn't use the same salt mechanism configuration, the
> password can't be matched during authentication.
> For example {{SSHA}} is defined by RFC 2307 as:
> {code}
> digester.setIterations(1);
> digester.setSaltSizeBytes(8);
> digester.setInvertPositionOfPlainSaltInEncryptionResults(true);
> digester.setInvertPositionOfSaltInMessageBeforeDigesting(true);
> digester.setUseLenientSaltSizeCheck(true);
> {code}
> See [Jasypt's
> javadocs|http://jasypt.org/api/jasypt/1.9.2/org/jasypt/util/password/rfc2307/RFC2307SSHAPasswordEncryptor.html]
> for more details.
> {{Encryptor}} can read from global configuration parameters so that you can
> configure some aspect of the way how ciphered values (not only password
> values in 1.2.X).

--
This message was sent by Atlassian JIRA
(v6.2#6252)
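
The salt-layout mismatch described in the quoted issue, as an added example that is not part of the original message and is not Syncope or Jasypt code: a Python model of the five digester settings showing that a value stored in the listed SSHA layout verifies only when the verifier uses the same layout. `SaltConfig`, `RFC2307_SSHA`, `SALT_FIRST`, the sample password and the re-hashing rule for extra iterations are assumptions made for the illustration.

```python
import base64
import hashlib
import hmac
import os
from dataclasses import dataclass

SHA1_LEN = 20  # bytes in a SHA-1 digest

@dataclass(frozen=True)
class SaltConfig:                      # hypothetical name; fields mirror the issue's setters
    iterations: int = 1
    salt_size: int = 8
    salt_after_plain: bool = True      # hash(password + salt) rather than hash(salt + password)
    salt_after_digest: bool = True     # store digest + salt rather than salt + digest

RFC2307_SSHA = SaltConfig()            # the values listed in the issue
SALT_FIRST = SaltConfig(salt_after_plain=False, salt_after_digest=False)  # constructed contrast

def _digest(password: bytes, salt: bytes, cfg: SaltConfig) -> bytes:
    out = hashlib.sha1(password + salt if cfg.salt_after_plain else salt + password).digest()
    for _ in range(cfg.iterations - 1):    # assumption: extra iterations re-hash the digest
        out = hashlib.sha1(out).digest()
    return out

def encode(password: bytes, cfg: SaltConfig, salt: bytes = b"") -> str:
    salt = salt or os.urandom(cfg.salt_size)
    digest = _digest(password, salt, cfg)
    raw = digest + salt if cfg.salt_after_digest else salt + digest
    return "{SSHA}" + base64.b64encode(raw).decode("ascii")

def verify(password: bytes, stored: str, cfg: SaltConfig) -> bool:
    if not stored.startswith("{SSHA}"):
        return False
    try:
        raw = base64.b64decode(stored[len("{SSHA}"):], validate=True)
    except ValueError:
        return False
    if len(raw) <= SHA1_LEN:               # no salt present; any other salt length is accepted (lenient)
        return False
    if cfg.salt_after_digest:
        digest, salt = raw[:SHA1_LEN], raw[SHA1_LEN:]
    else:
        salt, digest = raw[:-SHA1_LEN], raw[-SHA1_LEN:]
    return hmac.compare_digest(digest, _digest(password, salt, cfg))

if __name__ == "__main__":
    stored = encode(b"constructed-sample-password", RFC2307_SSHA)   # constructed sample value
    print("RFC 2307 layout:", verify(b"constructed-sample-password", stored, RFC2307_SSHA))
    print("salt-first layout:", verify(b"constructed-sample-password", stored, SALT_FIRST))
```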