Re: Addding User to a Realm

2015-08-31 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Sreyan, On 8/29/15 4:54 PM, Sreyan Chakravarty wrote: > Now can you tell me how do I write my own custom credential > handler. Planning one that uses sCrypt. Just create a new class that implements the CredentialHandler interface. Of course, that

Re: Addding User to a Realm

2015-08-31 Thread Sreyan Chakravarty
Christopher what I am planning to do is getting the source of an open source sCrypt library and actually copy pasting the source code into the ScryptCredentialHandler.java. Since I am no security expert. Now this eliminates the compile time dependency but if the open source scrypt library is

Re: Addding User to a Realm

2015-08-31 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Sreyen, On 8/31/15 12:23 PM, Sreyan Chakravarty wrote: > Christopher what I am planning to do is getting the source of an > open source sCrypt library and actually copy pasting the source > code into the ScryptCredentialHandler.java. Since I am no

Re: Addding User to a Realm

2015-08-31 Thread Sreyan Chakravarty
Yup the API is very easy to but that keeps a compile time dependency. What I mean is that you also need to put the sCrypt jar into you /lib folder. If thats okay then things get really easy. Regards Sreyan Chakravarty On Mon, Aug 31, 2015 at 10:52 PM, Christopher Schultz <

Re: Addding User to a Realm

2015-08-31 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Sreyan, On 8/31/15 1:42 PM, Sreyan Chakravarty wrote: > Yup the API is very easy to but that keeps a compile time > dependency. What I mean is that you also need to put the sCrypt jar > into you /lib folder. If thats okay then things get really

Re: Addding User to a Realm

2015-08-29 Thread Sreyan Chakravarty
Thanks Christopher for that previous reply. It really help clear things up and get things moving again. Now can you tell me how do I write my own custom credential handler. Planning one that uses sCrypt. How can I write it and reference that same CredentialHandler in the context.xml like

Addding User to a Realm

2015-08-24 Thread Sreyan Chakravarty
Okay I know how to authenticate an existing user in a Realm. But how the hell do you add a new user to the Realm ? For example if a new member registers on the site, how would I add that to the Realm ?

Re: Addding User to a Realm

2015-08-24 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Sreyan, On 8/24/15 9:24 AM, Sreyan Chakravarty wrote: Okay I know how to authenticate an existing user in a Realm. But how the hell do you add a new user to the Realm ? That depends upon where your users are stored. For example if a new member

Re: Addding User to a Realm

2015-08-24 Thread Sreyan Chakravarty
No you don't understand what my question was. Say I do something like this-: String password = request.getParameter(passwd); long salt = // get salt from SecureRandom String password = salt + password; String hash = encrypt(password) // Use some encryption like bCrypt storeInDb(hash); //

Re: Addding User to a Realm

2015-08-24 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Sreyan, On 8/24/15 1:19 PM, Sreyan Chakravarty wrote: No you don't understand what my question was. Say I do something like this-: String password = request.getParameter(passwd); long salt = // get salt from SecureRandom String password