I am looking to use per-password salting using random numbers.
Looking at the HashedCredentialsMatcher.getSalt it uses the
AuthenticationToken (the user name) for salt.
Any recommendations on how to extend the getSalt api in order to retrieve a
salt stored with a DAO? It seems like the Realm would be the right place for
this, but the current API does not seem to support something like that.
--
View this message in context:
http://shiro-user.582556.n2.nabble.com/Password-Salting-one-salt-per-password-tp5490030p5490030.html
Sent from the Shiro User mailing list archive at Nabble.com.
