You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ofbiz.apache.org by "Scott Gray (JIRA)" <ji...@apache.org> on 2006/10/31 10:50:16 UTC

[jira] Created: (OFBIZ-415) shark component's OfbizAuthenticationMgr doesn't work

shark component's OfbizAuthenticationMgr doesn't work
-----------------------------------------------------

                 Key: OFBIZ-415
                 URL: http://issues.apache.org/jira/browse/OFBIZ-415
             Project: OFBiz (The Open for Business Project)
          Issue Type: Bug
          Components: framework
    Affects Versions: SVN trunk
            Reporter: Scott Gray
            Priority: Minor


The OfbizAuthenticationManager.validateUser passes encrypted passwords to the userLogin service which requires plain text passwords.  

I can't see why shark needs its own authentication checks, when ofbiz takes care of this?  I think we should replace OfbizAuthenticationMgr with NoAuthenticationMgr which always returns true.

I know there's not much interest in shark but it would be nice to keep it working so people can at least take a look.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] Commented: (OFBIZ-415) shark component's OfbizAuthenticationMgr doesn't work

Posted by "David Garrett (JIRA)" <ji...@apache.org>.

    [ http://issues.apache.org/jira/browse/OFBIZ-415?page=comments#action_12446596 ] 
            
David Garrett commented on OFBIZ-415:
-------------------------------------

Scott,

I agree. The approach I used in the past is as you suggest to always return true.

either with NoAuthenticationMgr  or patch OfbizAuthenticationMgr to return true. I did have a clever solution at one stage but I can't seem to find it right now.

David G

> shark component's OfbizAuthenticationMgr doesn't work
> -----------------------------------------------------
>
>                 Key: OFBIZ-415
>                 URL: http://issues.apache.org/jira/browse/OFBIZ-415
>             Project: OFBiz (The Open for Business Project)
>          Issue Type: Bug
>          Components: framework
>    Affects Versions: SVN trunk
>            Reporter: Scott Gray
>            Priority: Minor
>
> The OfbizAuthenticationManager.validateUser passes encrypted passwords to the userLogin service which requires plain text passwords.  
> I can't see why shark needs its own authentication checks, when ofbiz takes care of this?  I think we should replace OfbizAuthenticationMgr with NoAuthenticationMgr which always returns true.
> I know there's not much interest in shark but it would be nice to keep it working so people can at least take a look.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] Commented: (OFBIZ-415) shark component's OfbizAuthenticationMgr doesn't work

Posted by "Jacopo Cappellato (JIRA)" <ji...@apache.org>.

    [ http://issues.apache.org/jira/browse/OFBIZ-415?page=comments#action_12446544 ] 
            
Jacopo Cappellato commented on OFBIZ-415:
-----------------------------------------

I'm sorry but I don't know if this is by design or just an old auth method... any comments?

> shark component's OfbizAuthenticationMgr doesn't work
> -----------------------------------------------------
>
>                 Key: OFBIZ-415
>                 URL: http://issues.apache.org/jira/browse/OFBIZ-415
>             Project: OFBiz (The Open for Business Project)
>          Issue Type: Bug
>          Components: framework
>    Affects Versions: SVN trunk
>            Reporter: Scott Gray
>            Priority: Minor
>
> The OfbizAuthenticationManager.validateUser passes encrypted passwords to the userLogin service which requires plain text passwords.  
> I can't see why shark needs its own authentication checks, when ofbiz takes care of this?  I think we should replace OfbizAuthenticationMgr with NoAuthenticationMgr which always returns true.
> I know there's not much interest in shark but it would be nice to keep it working so people can at least take a look.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira