Thanks for the clarification! Bhaskar
On 8/22/08, David Sean Taylor <[EMAIL PROTECTED]> wrote: > > > On Aug 20, 2008, at 9:02 PM, Bhaskar Roy wrote: > > So it seems, Jetspeed password can't be recovered. >> >> Is that true? >> >> I believe what Ate said is this: > > As I described before, you can only recover passwords which were encoded >>> by >>> the PBEPasswordTool itself, e.g. by leveraging and configuring the >>> PBEPasswordService (which extends PBEPasswordTool) as >>> CredentialPasswordEncoder for Jetspeed (defined in Spring assembly file >>> security-spi-atn.xml). >>> >>> If you have used the default configured >>> MessageDigestCredentialPasswordEncoder for encoding your passwords, there >>> is >>> no way to decode them anymore as MessageDigest encoding is a one-way only >>> encoding algorithm. >>> >>> > So if you are using the "default" password credential encoder out of the > box, then yes, your passwords cannot be recovered. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
