|

»

»

SHA-1 (Base64) Password Encoding

View: New views

3 Messages — Rating Filter: Alert me

	SHA-1 (Base64) Password Encoding by Stuck, Christian :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hi, We're trying to configure an additional authentication handler in our installation to use our CMS users table which has passwords hashed (SHA-1) and Base64 encoded. Before we noticed the passwords were Base64 encoded we had tried to he the passwordEncoder property with the SHA1 value: <property name="passwordEncoder"> <bean class="org.jasig.cas.authentication.handler.DefaultPasswordEncoder"> <constructor-arg value="SHA1" /> </bean> </property> Of course, this didn't work. Any suggestions out of the box or should we quickly extend/replace the DefaultPasswordEncoder? Many thanks, Christian Christian Stück Assistant Director, ITG (212) 854-2808 _______________________________________________ Yale CAS mailing list cas@... http://tp.its.yale.edu/mailman/listinfo/cas
	Re: SHA-1 (Base64) Password Encoding by scott_battaglia :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hi, You have two options: you can either create a new PasswordEncoder by implementing the interface that does what you want. If the current one does what you want except for the Base64 encoding we can try adding that to the PasswordEncoder or you can create a new PasswordEncoder that delegates to the Default one and then Base64 that. -Scott -Scott Battaglia PGP Public Key Id: 0x383733AA LinkedIn: http://www.linkedin.com/in/scottbattaglia On Fri, Jun 27, 2008 at 11:45 AM, Stuck, Christian <crs2144@...> wrote: Hi, We're trying to configure an additional authentication handler in our installation to use our CMS users table which has passwords hashed (SHA-1) and Base64 encoded. Before we noticed the passwords were Base64 encoded we had tried to he the passwordEncoder property with the SHA1 value: <property name="passwordEncoder"> <bean class="org.jasig.cas.authentication.handler.DefaultPasswordEncoder"> <constructor-arg value="SHA1" /> </bean> </property> Of course, this didn't work. Any suggestions out of the box or should we quickly extend/replace the DefaultPasswordEncoder? Many thanks, Christian Christian Stück Assistant Director, ITG (212) 854-2808 _______________________________________________ Yale CAS mailing list cas@... http://tp.its.yale.edu/mailman/listinfo/cas _______________________________________________ Yale CAS mailing list cas@... http://tp.its.yale.edu/mailman/listinfo/cas
	RE: SHA-1 (Base64) Password Encoding by Stuck, Christian :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hi Scott, Thanks for your reply. I wound up creating a new PasswordEncoder that uses the Default and then Base64 encodes the result (the last option you suggested). It works well and doesn't reinvent the wheel. Many thanks, Christian Christian Stück Assistant Director, ITG Columbia Business School -----Original Message----- From: Scott Battaglia <scott.battaglia@...> Sent: Saturday, June 28, 2008 10:48 PM To: Yale CAS mailing list <cas@...> Subject: Re: SHA-1 (Base64) Password Encoding Hi, You have two options: you can either create a new PasswordEncoder by implementing the interface that does what you want. If the current one does what you want except for the Base64 encoding we can try adding that to the PasswordEncoder or you can create a new PasswordEncoder that delegates to the Default one and then Base64 that. -Scott -Scott Battaglia PGP Public Key Id: 0x383733AA LinkedIn: http://www.linkedin.com/in/scottbattaglia On Fri, Jun 27, 2008 at 11:45 AM, Stuck, Christian <crs2144@...> wrote: > Hi, > > We're trying to configure an additional authentication handler in our > installation to use our CMS users table which has passwords hashed (SHA-1) > and Base64 encoded. Before we noticed the passwords were Base64 encoded we > had tried to he the passwordEncoder property with the SHA1 value: > > <property name="passwordEncoder"> > <bean > class="org.jasig.cas.authentication.handler.DefaultPasswordEncoder"> > > <constructor-arg value="SHA1" /> > </bean> > </property> > > Of course, this didn't work. Any suggestions out of the box or should we > quickly extend/replace the DefaultPasswordEncoder? > > Many thanks, > Christian > > Christian Stück > Assistant Director, ITG > (212) 854-2808 > > _______________________________________________ > Yale CAS mailing list > cas@... > http://tp.its.yale.edu/mailman/listinfo/cas > > _______________________________________________ Yale CAS mailing list cas@... http://tp.its.yale.edu/mailman/listinfo/cas