---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/11194/
---
Review request for cloudstack and Chip Childers.
Summary (updated)
Hi Kishan!
Did you verify that adding the plain text authenticator will not allow
login using the hash value itself?
from AccountManagerImpl.java;
... getUserAccount ...
...
boolean authenticated = false;
for(UserAuthenticator authenticator : _userAuthenticators) {
the client sends plain text instead of
hash.
~kishan
-Original Message-
From: Ove Ewerlid [mailto:ove.ewer...@oracle.com]
Sent: Thursday, 16 May 2013 5:33 PM
To: dev@cloudstack.apache.org; Kishan Kavala
Subject: Re: Review Request: Added PlainTextAuthenticator
Hi Kishan!
Did you
?
/Ove
~kishan
-Original Message-
From: Ove Ewerlid [mailto:ove.ewer...@oracle.com]
Sent: Thursday, 16 May 2013 5:33 PM
To: dev@cloudstack.apache.org; Kishan Kavala
Subject: Re: Review Request: Added PlainTextAuthenticator
Hi Kishan!
Did you verify that adding the plain text
-Original Message-
From: Ove Ewerlid [mailto:ove.ewer...@oracle.com]
Sent: Thursday, 16 May 2013 6:25 PM
To: dev@cloudstack.apache.org
Subject: Re: Review Request: Added PlainTextAuthenticator
On 05/16/2013 02:16 PM, Kishan Kavala wrote:
Ove,
Plain text authenticator
: Thursday, 16 May 2013 6:25 PM
To: dev@cloudstack.apache.org
Subject: Re: Review Request: Added PlainTextAuthenticator
On 05/16/2013 02:16 PM, Kishan Kavala wrote:
Ove,
Plain text authenticator will allow logging using the hash value. Or else,
clients sending MD5 hash will fail to login
...@oracle.com]
Sent: Thursday, 16 May 2013 6:25 PM
To: dev@cloudstack.apache.org
Subject: Re: Review Request: Added PlainTextAuthenticator
On 05/16/2013 02:16 PM, Kishan Kavala wrote:
Ove,
Plain text authenticator will allow logging using the hash value. Or
else,
clients sending MD5
:
-Original Message-
From: Ove Ewerlid [mailto:ove.ewer...@oracle.com]
Sent: Thursday, 16 May 2013 6:25 PM
To: dev@cloudstack.apache.org
Subject: Re: Review Request: Added PlainTextAuthenticator
On 05/16/2013 02:16 PM, Kishan Kavala wrote:
Ove,
Plain text authenticator will allow
Nice explanation Prasanna.
+1 to Kishan's fix.
-Original Message-
From: Prasanna Santhanam [mailto:t...@apache.org]
Sent: Thursday, May 16, 2013 9:50 PM
To: dev@cloudstack.apache.org
Cc: Kishan Kavala
Subject: Re: Review Request: Added PlainTextAuthenticator
On Thu, May 16, 2013
On Thu, May 16, 2013 at 09:50:21PM +0530, Prasanna Santhanam wrote:
On Thu, May 16, 2013 at 04:03:14PM +0200, Ove Ewerlid wrote:
I vote -1 for enabling plain text authentication allowing auth
directly against hashes. I'm not clear if this functionality exists
in ACS4.0, I would assume not.
---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/11194/#review20655
---
Ship it!
Ship It!
- Chip Childers
On May 16, 2013, 10:39 a.m.,
On 05/16/2013 10:55 PM, Chip Childers wrote:
For those moving from 2.2.x, 3.0.x, 4.0 to 4.1:
1. We remove the incorrect auth mechanism and put in the right fix of
encoding at the server and not doing any UI magic.
2. We correct the API docs and other docs to indicate the user to send
in
12 matches
Mail list logo