You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-dev@db.apache.org by "Francois Orsini (JIRA)" <ji...@apache.org> on 2009/12/18 19:02:19 UTC
[jira] Commented: (DERBY-4483) Provide a way to change the hash
algorithm used by BUILTIN authentication
[ https://issues.apache.org/jira/browse/DERBY-4483?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12792551#action_12792551 ]
Francois Orsini commented on DERBY-4483:
----------------------------------------
Note: Allowing to set a different hash algorithm would have to be done at the time the database is created when the hash password is stored in the database (storing the user property) as otherwise during runtime, one would not be able to compare some hash produced by the new configured hash algorithm versus the stored hash value which would have been generated using some previous and different algorithm.
> Provide a way to change the hash algorithm used by BUILTIN authentication
> -------------------------------------------------------------------------
>
> Key: DERBY-4483
> URL: https://issues.apache.org/jira/browse/DERBY-4483
> Project: Derby
> Issue Type: Improvement
> Components: Services
> Affects Versions: 10.5.3.0
> Reporter: Knut Anders Hatlen
> Priority: Minor
>
> The BUILTIN authentication scheme protects the passwords by hashing them with the SHA-1 algorithm. It would be nice to have way to specify a different algorithm so that users can take advantage of new, stronger algorithms provided by their JCE provider if so desired.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.