Re: [appfuse-user] Disable Password Encoding ACEGI

Thu, 09 Aug 2007 10:18:48 -0700
acegi already has a PlaintextPasswordEncoder available. our legacy passwords were Unix crypt format so it wouldn't help you in this case. 

try changing this
org.acegisecurity.providers.encoding.ShaPasswordEncoder

to this

org.acegisecurity.providers.encoding.PlaintextPasswordEncoder

and see what happens.






APenrose wrote:


Hi Fred,
Thanks for the reply. The legacy passwords are not ecrypted at all !!

Could I bold and ask would you by any chance be able to attach your
PasswordEncoder class? ;-) I'll try return the favour at some point.

Andrew


Fred Forester-2 wrote:



Im not sure about disabling the authentication but it was pretty easy to 
implement my own PasswordEncoder for my legacy passwords. do you know 
what format the old one are in?


the alternative would be to probably have your own encoder just always
return true for the comparison.


APenrose wrote:

Hi,
I have password encoding off for the user sign up but I am looking to

disable it for the when a user logs in. 
I see in the security.xml file I have the following. How do I disable the

password encoder and is this the right place ? Oh..I need to disable
password encoding to allow for legacy passwords....

    <bean id="daoAuthenticationProvider"
class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
         <property name="userDetailsService" ref="userDao"/>
         <property name="passwordEncoder" ref="passwordEncoder"/>
    </bean>

    <bean id="anonymousAuthenticationProvider"
class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
        <property name="key" value="anonymous"/>
    </bean>

    <bean id="rememberMeAuthenticationProvider"
class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider">
        <property name="key" value="appfuseRocks"/>
    </bean>

    <!-- This bean definition must be available to
ApplicationContext.getBean() so StartupListener
         can look for it and detect if password encryption is turned on
or
not -->
    <bean id="passwordEncoder"
class="org.acegisecurity.providers.encoding.ShaPasswordEncoder"/>

thanks
Andrew



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]







---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]























					Reply via email to