RE: user credntials

2012-05-02 Thread Will Chan
mailto:kevin.kl...@citrix.com] Sent: Wednesday, May 02, 2012 10:08 AM To: cloudstack-dev@incubator.apache.org Subject: RE: user credntials Will, I think Abhi and David and I are all in sync -- telling people that they need to know how a given cloud is taking passwords is really broken. I can't think

RE: user credntials

2012-05-02 Thread Kevin Kluge
to cleartext exclusively? -kevin > -Original Message- > From: Will Chan [mailto:will.c...@citrix.com] > Sent: Monday, April 30, 2012 10:08 PM > To: cloudstack-dev@incubator.apache.org > Subject: RE: user credntials > > In your example, they would need to know how t

RE: user credntials

2012-05-02 Thread Abhinandan Prateek
@incubator.apache.org Subject: RE: user credntials The parameter for password is simply just used to pass information from the client to CS. It's really up to the AuthenticatorAdapter to decide how it should use the parameter. Since by default, MD5 hashed password is being passed in, the de

RE: user credntials

2012-04-30 Thread Will Chan
vid Nalley [da...@gnsa.us] Sent: Monday, April 30, 2012 9:35 PM To: cloudstack-dev@incubator.apache.org Subject: Re: user credntials On Apr 30, 2012, at 9:11 PM, Will Chan wrote: > The parameter for password is simply just used to pass information from the > client to CS. It&#x

Re: user credntials

2012-04-30 Thread David Nalley
On Apr 30, 2012, at 9:11 PM, Will Chan wrote: > The parameter for password is simply just used to pass information from the > client to CS. It's really up to the AuthenticatorAdapter to decide how it > should use the parameter. Since by default, MD5 hashed password is being > passed in,

RE: user credntials

2012-04-30 Thread Will Chan
_ From: Kevin Kluge [kevin.kl...@citrix.com] Sent: Monday, April 30, 2012 9:01 PM To: cloudstack-dev@incubator.apache.org Subject: RE: user credntials I think Abhi's proposal would avoid all this, yes? I am not sure if I like have a single parameter that can be either MD5 (as in 2.2.x)

RE: user credntials

2012-04-30 Thread Kevin Kluge
and components XML should refer to their customer > adapters. > > Will > > -Original Message- > From: Chiradeep Vittal [mailto:chiradeep.vit...@citrix.com] > Sent: Monday, April 30, 2012 10:06 AM > To: cloudstack-dev@incubator.apache.org > Subject: Re: user credntials &g

RE: user credntials

2012-04-30 Thread Will Chan
Vittal [mailto:chiradeep.vit...@citrix.com] Sent: Monday, April 30, 2012 10:06 AM To: cloudstack-dev@incubator.apache.org Subject: Re: user credntials Just wanted to point out this only affects the session-based logins via the GUI (although one can script this kind of API interaction as well). API

Re: user credntials

2012-04-30 Thread Chiradeep Vittal
Abhi > >-Original Message- >From: Kevin Kluge [mailto:kevin.kl...@citrix.com] >Sent: Monday, April 30, 2012 9:30 PM >To: Will Chan; cloudstack-dev@incubator.apache.org >Subject: RE: user credntials > >This means the client has to figure out whether to send MD5 hash or >clearte

RE: user credntials

2012-04-30 Thread Abhinandan Prateek
: Kevin Kluge [mailto:kevin.kl...@citrix.com] Sent: Monday, April 30, 2012 9:30 PM To: Will Chan; cloudstack-dev@incubator.apache.org Subject: RE: user credntials This means the client has to figure out whether to send MD5 hash or cleartext on a per-cloud basis. That seems unreasonable. Why don&#

RE: user credntials

2012-04-30 Thread Kevin Kluge
d. -kevin > -Original Message- > From: Will Chan > Sent: Saturday, April 28, 2012 4:39 PM > To: cloudstack-dev@incubator.apache.org; Kevin Kluge > Subject: RE: user credntials > > The service provider (or whomever is hosting CloudStack) needs to make > that decision. Usi

RE: user credntials

2012-04-28 Thread Will Chan
. Will From: Abhinandan Prateek [abhinandan.prat...@citrix.com] Sent: Saturday, April 28, 2012 3:28 PM To: Kevin Kluge; cloudstack-dev@incubator.apache.org Subject: RE: user credntials The use of plaintext passwords in API is required for only those cloudstack

RE: user credntials

2012-04-28 Thread Abhinandan Prateek
Kluge Sent: Sunday, April 29, 2012 1:09 AM To: Abhinandan Prateek; cloudstack-dev@incubator.apache.org Subject: RE: user credntials How would an API client know to use cleartext or MD5 hash? > -Original Message- > From: Abhinandan Prateek > Sent: Saturday, April 28, 2012 7:5

RE: user credntials

2012-04-28 Thread Kevin Kluge
How would an API client know to use cleartext or MD5 hash? > -Original Message- > From: Abhinandan Prateek > Sent: Saturday, April 28, 2012 7:56 AM > To: Kevin Kluge; cloudstack-dev@incubator.apache.org > Subject: RE: user credntials > > In 2.2.* we were passing MD5

RE: user credntials

2012-04-28 Thread Abhinandan Prateek
left to the admin to configure this encryption mechanism in case LDAP is in use. -Abhi -Original Message- From: Kevin Kluge Sent: Saturday, April 28, 2012 8:16 PM To: Abhinandan Prateek; cloudstack-dev@incubator.apache.org Subject: RE: user credntials Abhi, is this a backwards incompatible

RE: user credntials

2012-04-28 Thread Will Chan
plain-text password, if you wish. Will From: Kevin Kluge [kevin.kl...@citrix.com] Sent: Saturday, April 28, 2012 7:45 AM To: Abhinandan Prateek; cloudstack-dev@incubator.apache.org Subject: RE: user credntials Abhi, is this a backwards incompatible API chan

RE: user credntials

2012-04-28 Thread Kevin Kluge
Abhi, is this a backwards incompatible API change? Also, what does it mean for upgrade? I thought we always sent MD5 hashed passwords from UI to MS. Can you explain the change a bit more? -kevin > -Original Message- > From: Abhinandan Prateek > Sent: Saturday, April 28, 2012 12:14