You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by se...@apache.org on 2013/07/12 09:51:12 UTC
[17/50] git commit: updated refs/heads/sdnextensions to bcfb4e6
CLOUDSTACK-1815
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/f56d9d7c
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/f56d9d7c
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/f56d9d7c
Branch: refs/heads/sdnextensions
Commit: f56d9d7c63b03516382c85290d202eff191c57aa
Parents: 873e4e0
Author: radhikap <ra...@citrix.com>
Authored: Thu Jul 11 10:25:40 2013 +0530
Committer: radhikap <ra...@citrix.com>
Committed: Thu Jul 11 10:27:28 2013 +0530
----------------------------------------------------------------------
docs/en-US/password-storage-engine.xml | 54 +++++++++++++++++++++++++++++
1 file changed, 54 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/f56d9d7c/docs/en-US/password-storage-engine.xml
----------------------------------------------------------------------
diff --git a/docs/en-US/password-storage-engine.xml b/docs/en-US/password-storage-engine.xml
new file mode 100644
index 0000000..b1d5340
--- /dev/null
+++ b/docs/en-US/password-storage-engine.xml
@@ -0,0 +1,54 @@
+<?xml version='1.0' encoding='utf-8' ?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
+%BOOK_ENTITIES;
+]>
+
+<!-- Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<section id="password-storage-engine">
+ <title>Changing the Default Password Encryption</title>
+ <para>&PRODUCT; allows you to determine the default encoding and authentication mechanism for
+ admin and user logins. Plain text user authenticator has been changed to do a simple string
+ comparison between retrieved and supplied login passwords instead of comparing the retrieved md5
+ hash of the stored password against the supplied md5 hash of the password because clients no
+ longer hash the password. The following method determines what encoding scheme is used to encode
+ the password supplied during user creation or modification.</para>
+ <para>When a new user is created, the user password is encoded by using the first valid encoder
+ loaded as per the sequence specified in the <code>UserPasswordEncoders</code> property in the
+ <filename>ComponentContext.xml</filename> or <filename>nonossComponentContext.xml</filename>
+ files. The order of authentication schemes is determined by the <code>UserAuthenticators</code>
+ property in the same files. The administrator can change the ordering of both these properties
+ as preferred. When a new authenticator or encoder is added, you can add them to this list. While
+ doing so, ensure that the new authenticator or encoder is specified as a bean in both these
+ files if they are required for both oss and non-oss components. The two properties are listed
+ below:</para>
+ <programlisting><property name="UserAuthenticators">
+ <list>
+ <ref bean="SHA256SaltedUserAuthenticator"/>
+ <ref bean="MD5UserAuthenticator"/>
+ <ref bean="LDAPUserAuthenticator"/>
+ <ref bean="PlainTextUserAuthenticator"/>
+ </list>
+ </property>
+ <property name="UserPasswordEncoders">
+ <list>
+ <ref bean="SHA256SaltedUserAuthenticator"/>
+ <ref bean="MD5UserAuthenticator"/>
+ <ref bean="LDAPUserAuthenticator"/>
+ <ref bean="PlainTextUserAuthenticator"/>
+ </list></programlisting>
+</section>