Sebastian Tacke created JAMES-1532:
--------------------------------------
Summary: JPAUser database field too short for SHA-512 password
hashes
Key: JAMES-1532
URL: https://issues.apache.org/jira/browse/JAMES-1532
Project: James Server
Issue Type: Bug
Components: UsersStore & UsersRepository
Affects Versions: 3.0-beta4
Reporter: Sebastian Tacke
The configuration supports setting the hash algorithm for user passwords to
SHA-512. However SHA-512 hashes cannot be stored in the JPA user repository,
because the field is too short.
[JPAUser|http://svn.apache.org/repos/asf/james/server/trunk/data/data-jpa/src/main/java/org/apache/james/user/jpa/model/JPAUser.java]
sets the field length to 100:
{code}/** Hashed password */
@Basic
@Column(name = "PASSWORD", nullable = false, length = 100)
private String password;{code}
The password hashes are hex encoded before they are stored to the database, so
SHA-512 hashes take up (512/8)*2 = 128 characters.
--
This message was sent by Atlassian JIRA
(v6.1.4#6159)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
