On Aug 20, 2008, at 9:02 PM, Bhaskar Roy wrote:
So it seems, Jetspeed password can't be recovered.
Is that true?
I believe what Ate said is this:
As I described before, you can only recover passwords which were
encoded by
the PBEPasswordTool itself, e.g. by leveraging and configuring the
PBEPasswordService (which extends PBEPasswordTool) as
CredentialPasswordEncoder for Jetspeed (defined in Spring assembly
file
security-spi-atn.xml).
If you have used the default configured
MessageDigestCredentialPasswordEncoder for encoding your passwords,
there is
no way to decode them anymore as MessageDigest encoding is a one-
way only
encoding algorithm.
So if you are using the "default" password credential encoder out of
the box, then yes, your passwords cannot be recovered.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
