Re: [Resin-interest] JdbcAuthenticator Cookie-Domain
Well this still isn't working for me. I have tried: .[domain].com (with a preceding dot) and [domain].com (without a preceding dot) and no matter what it is still creating the cookie named: [host].[domain].com (where [host] is the virtual host I am running the app under). I can't get it to be a domain-wide cookie using the cookie-domain option under JdbcAuthenticator's init params. Anybody else doing this successfully? Aaron Should the cookie-domain setting on the JdbcAuthenticator from this page: http://wiki.caucho.com/JdbcAuthenticator work on Resin 4.0, or is that old documentation? I am setting it inside the init tag, but it doesn't seem to be working. I will keep trying other iterations. Aaron ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
[Resin-interest] JdbcAuthenticator
I am playing with the JdbcAuthenticator on Resin 4.0 and for some reason I can not get it to authenticate properly. With the detail level set to finest, I am always getting: mismatched password:aaron where aaron is the username I am trying to authenticate. I have tried trimming the password and even forcing it like: password-query select 'abcd' password from login where username = ?/password-query and cannot get it to authenticate. So the next question is, are the passwords stored in the database plaintext or do they need to be encrypted? If they need to be encrypted, what is the default digest for doing that? Thanks, Aaron ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] JdbcAuthenticator
Ah so I just stumbled on this and answered my own question: http://www.caucho.com/resin-3.0/security/digest.xtp By storing the digested form in the password field, it started working. Aaron I am playing with the JdbcAuthenticator on Resin 4.0 and for some reason I can not get it to authenticate properly. With the detail level set to finest, I am always getting: mismatched password:aaron where aaron is the username I am trying to authenticate. I have tried trimming the password and even forcing it like: password-query select 'abcd' password from login where username = ?/password-query and cannot get it to authenticate. So the next question is, are the passwords stored in the database plaintext or do they need to be encrypted? If they need to be encrypted, what is the default digest for doing that? Thanks, Aaron ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
