[Acegisecurity-developer] Problem with md5 passwords
Hello, I'm a user of Pentaho, a BI Solution Open Source. It use Acegi to do authentication, and I'm having problems with authentication with passwords encoded with MD5. My problem is that when I try to log in with a user that is password encoded with md5, it returns Bad Credentials, but when I try to log in with a user that is password as clear text I can log in. I modified my file application-acegi-security-ldap.xml to use encode md5, but doesn't work. My acegi file is attached. I appreciate any help. Thanks ?xml version=1.0 encoding=UTF-8? !DOCTYPE beans PUBLIC -//SPRING//DTD BEAN//EN http://www.springframework.org/dtd/spring-beans.dtd; !-- - Application context containing LDAP UserDetailsService - implementation. - - Used by all artifacts. -- beans !-- Configuração do servidor LDAP -- bean id=initialDirContextFactory class=org.acegisecurity.ldap.DefaultInitialDirContextFactory constructor-arg index=0 value=ldap://localhost:389/dc=paulinia,dc=com,dc=br; / property name=managerDn value=cn=Manager,dc=paulinia,dc=com,dc=br / property name=managerPassword value=n2n9u2v5 / /bean bean id=ldapAuthProvider class=org.acegisecurity.providers.ldap.LdapAuthenticationProvider constructor-arg bean class=org.acegisecurity.providers.ldap.authenticator.BindAuthenticator constructor-arg ref local=initialDirContextFactory / /constructor-arg property name=userSearch ref local=userSearch / /property /bean /constructor-arg constructor-arg ref local=populator / /constructor-arg /bean !-- Verifica de quais roles o usuário participa -- bean id=populator class=org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator constructor-arg index=0 ref local=initialDirContextFactory / /constructor-arg constructor-arg index=1 value=ou=roles / property name=groupRoleAttribute value=cn / property name=groupSearchFilter value=roleOccupant={0} / /bean !-- Verifica se o usuário participa do grupo users -- bean id=userSearch class=org.acegisecurity.ldap.search.FilterBasedLdapUserSearch constructor-arg index=0 value=ou=users / constructor-arg index=1 value=cn={0} / constructor-arg index=2 ref local=initialDirContextFactory / /constructor-arg /bean bean id=userDetailsService class=com.pentaho.security.ldap.LdapUserDetailsService property name=userSearch ref local=userSearch / /property property name=populator ref local=populator / /property /bean !-- Como o senha será passada para o LDAP -- !-- Texto puro -- bean id=passwordEncoder class=org.acegisecurity.providers.encoding.Md5PasswordEncoder / !--class=org.acegisecurity.providers.encoding.PlaintextPasswordEncoder / -- /beans - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
Re: [Acegisecurity-developer] Problem with md5 passwords
Please use the forum at http://forum.springframework.org/forumdisplay.php?f=33 for user questions. You should also supply debug log output. ranieri.oliveira wrote: Hello, I'm a user of Pentaho, a BI Solution Open Source. It use Acegi to do authentication, and I'm having problems with authentication with passwords encoded with MD5. My problem is that when I try to log in with a user that is password encoded with md5, it returns Bad Credentials, but when I try to log in with a user that is password as clear text I can log in. I modified my file application-acegi-security-ldap.xml to use encode md5, but doesn't work. My acegi file is attached. I appreciate any help. Thanks -- Luke Taylor. Monkey Machine Ltd. PGP Key ID: 0x57E9523Chttp://www.monkeymachine.ltd.uk - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
Re: [Acegisecurity-developer] Our build is a mess...
Hi all Carlos and Luke, what's the latest status of the Maven 2 build? Does the reference documentation build successfully with Maven 2 as-is? I see acegisecurity.org hasn't built and uploaded since 18 December 2006. Luke, is that running the Maven 2 build? We're shooting at releasing 1.0.4 in the next couple of weeks. Vishal Puri is busily working away on it. In terms of introductions, Vishal works for Interface21 (the company behind Spring) as a Senior Consultant and is based here in Sydney with me. So you'll see more of Vishal on this list, in JIRA and SVN. We're aiming at releasing 1.1.0 final in June. For 1.0.4 we will stick with the Maven 1.0.x build. For 1.1.0 we will refactor the Contacts XML and build (as this is desirable anyway due to the new namespaces support which will be present in 1.1.0) and switch entirely to Maven 2. I'd be happy to switch to Maven 2 immediately (ie for 1.0.4) if it is ready, thus the question above for Luke and Carlos. Cheers Ben - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
Re: [Acegisecurity-developer] Jalopy?
Luke Taylor wrote: Hey, I spent ages bringing the errors down a while back :). There are only 34 at the moment in core and 12 are due to spaces around brackets. If we can get someone to nail the file down to what we want the code to look like (e.g. our benevolent dictator, Ben?), then we can run from there. At the moment it's just an approximation based on my best guesses. The consensus seems to be to change, so I agree entirely. Luke or Ray, can you take care of this? If we use the present Jalopy rules as a guide, that should maintain reasonable compatibility with past source code formatting. Cheers Ben - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer