Demetrius Tsitrelis created CLOUDSTACK-6311:
-----------------------------------------------
Summary: login is called with unhashed password
Key: CLOUDSTACK-6311
URL: https://issues.apache.org/jira/browse/CLOUDSTACK-6311
Project: CloudStack
Issue Type: Bug
Security Level: Public (Anyone can view this level - this is the default.)
Components: Doc
Affects Versions: 4.3.0
Reporter: Demetrius Tsitrelis
In the description of the password parameter on
http://cloudstack.apache.org/docs/api/apidocs-4.3/root_admin/login.html it says:
"Hashed password (Default is MD5). If you wish to use any other hashing
algorithm, you would need to write a custom authentication adapter See Docs
section."
This was true for older versions of CloudStack but not anymore. The password
should be passed as cleartext and the configured authenticators will then hash
it with the appropriate algorithm.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
