On Fri, Jun 21, 2013 at 2:32 PM, Christian Mueller <
[email protected]> wrote:
> If you get such an exception, the reason may be
>
> 1) The password was a plain text password
> 2) The password was already encrypted but tampered anywhere in the system
>
> Unfortunately, you cannot decide and as a consequence, an "emergency exit"
> is needed like reentering the password on the GUI.
>
Yes, which is not big deal
>
> An example for a valid encrypted password is
>
> crypt1:KWhO7jrTz/Gi0oTQRKsVeCmWIZY5VZaD
>
> I cannot image a user having such a plain text password. It is easier to
> win the jack pot in a lottery than remember such a password :-)
>
Ha ha, yeah.
> As simple calculation. Let us assume that the password alphabet consists
> of 26 lower case letters,10 digits and the ":". Then you have 37^7
> = 94931877133 possibilities for the first 7 characters. Very unlikely that
> a password starts with "crypt1:"
>
> Taking this numbers into account, +1 for your proposal, we should not make
> things more complicated as needed.
>
Thanks for the reply and the detailed evaluation about what might go wrong.
Anyone else?
Cheers
Andrea
--
==
Our support, Your Success! Visit http://opensdi.geo-solutions.it for more
information.
==
Ing. Andrea Aime
@geowolf
Technical Lead
GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549
http://www.geo-solutions.it
http://twitter.com/geosolutions_it
-------------------------------------------------------
------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:
Build for Windows Store.
http://p.sf.net/sfu/windows-dev2dev
_______________________________________________
Geoserver-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/geoserver-devel
