You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shiro.apache.org by "Kalle Korhonen (JIRA)" <ji...@apache.org> on 2010/10/04 20:55:34 UTC
[jira] Resolved: (SHIRO-176) AuthenticationInfo instances should be
able to return stored salt
[ https://issues.apache.org/jira/browse/SHIRO-176?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kalle Korhonen resolved SHIRO-176.
----------------------------------
Resolution: Duplicate
> AuthenticationInfo instances should be able to return stored salt
> -----------------------------------------------------------------
>
> Key: SHIRO-176
> URL: https://issues.apache.org/jira/browse/SHIRO-176
> Project: Shiro
> Issue Type: Improvement
> Affects Versions: 0.9-RC1, 0.9, 1.0.0, 1.0.1
> Reporter: Les Hazlewood
> Fix For: 1.1.0
>
>
> When comparing credentials hashed with a salt, the salt value should be easily accessible from the AuthenticationInfo instance. Perhaps a new SaltedAuthenticationInfo interface should be introduced (and have the UsernamePasswordToken implement this interface) in order to easily acquire a salt.
> Currently the HashedCredentialsMatcher attempts to acquire the salt from the AuthenticationToken. However, the large majority of the time, the salt will be stored with the AuthenticationInfo and it should be possible to acquire it from that.
> After adding the new interface, the HashedCredentialsMatcher will need a new method: getStoredCredentials(token, authcInfo) or something similar. The default implementation can simply call the existing getCredentials(token) method by default to retain current behavior.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.