Jeff Watkins wrote:
On 20 Dec, 2005, at 3:08 pm, Jeremy Jones wrote:
I went ahead and put it in one. I'm sure you can find it, but it's
#241, has [PATCH] in it, and shows up in the "Pending Patches" report.
Jeremy, I've applied your patch, but the problem I see is that it's
now difficult to encrypt the password.
I'm taking advantage of the CatWalk tool to add users and groups, but
I don't see a convenient way to MD5 or SHA the password before
stashing it in the DB.
I guess this is really an example of why the Identity framework needs
its own admin system. Maybe an extension of CatWalk...
So here's the question: Would you rather have the MD5 & SHA code in
the SqlObjectIdentityProvider to check passwords against MD5 and SHA
hexdigests in the database but without the ability to easily encrypt
the passwords (short of manually computing and storing an MD5 or SHA
hash) or do we need to step back and think about a CRUDy interface for
Identity?
Jeff
(Who's not had a tremendous amount of sleep, so this may all be
gibberish.)
I was planning on creating my own registration form and encrypting the
passwords in there before inserting them into the database. I was
assuming that other folks using identity would need to do the same.
Now, a CRUDy user management thingy would be pretty cool, but I
personally wouldn't mind that being a longer term goal.
So, why are you not getting enough sleep? :-)
I'm-a-daddy-of-two-and-understand-ly y'rs,
- jmj
