You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@shardingsphere.apache.org by zh...@apache.org on 2020/07/19 04:49:26 UTC
[shardingsphere-elasticjob] branch master updated: change console
authorization encode from sha256 to md5 (#1156)
This is an automated email from the ASF dual-hosted git repository.
zhangliang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shardingsphere-elasticjob.git
The following commit(s) were added to refs/heads/master by this push:
new 9f7a0d1 change console authorization encode from sha256 to md5 (#1156)
9f7a0d1 is described below
commit 9f7a0d1b453d67d23053d99bfe230f4ccaa51a88
Author: luky116 <38...@users.noreply.github.com>
AuthorDate: Sun Jul 19 12:49:16 2020 +0800
change console authorization encode from sha256 to md5 (#1156)
---
.../elasticjob/lite/console/security/UserAuthenticationService.java | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/elasticjob-lite/elasticjob-lite-console/src/main/java/org/apache/shardingsphere/elasticjob/lite/console/security/UserAuthenticationService.java b/elasticjob-lite/elasticjob-lite-console/src/main/java/org/apache/shardingsphere/elasticjob/lite/console/security/UserAuthenticationService.java
index 3751117..0dfb998 100644
--- a/elasticjob-lite/elasticjob-lite-console/src/main/java/org/apache/shardingsphere/elasticjob/lite/console/security/UserAuthenticationService.java
+++ b/elasticjob-lite/elasticjob-lite-console/src/main/java/org/apache/shardingsphere/elasticjob/lite/console/security/UserAuthenticationService.java
@@ -75,9 +75,9 @@ public class UserAuthenticationService {
} else {
return new AuthenticationResult(false, false);
}
- String hash1 = Hashing.sha256().hashBytes((username + ":" + realm + ":" + password).getBytes()).toString();
- String hash2 = Hashing.sha256().hashBytes((method + ":" + uri).getBytes()).toString();
- String exceptResponse = Hashing.sha256().hashBytes((hash1 + ":" + nonce + ":" + nc + ":" + cnonce + ":" + qop + ":" + hash2).getBytes()).toString();
+ String hash1 = Hashing.md5().hashBytes((username + ":" + realm + ":" + password).getBytes()).toString();
+ String hash2 = Hashing.md5().hashBytes((method + ":" + uri).getBytes()).toString();
+ String exceptResponse = Hashing.md5().hashBytes((hash1 + ":" + nonce + ":" + nc + ":" + cnonce + ":" + qop + ":" + hash2).getBytes()).toString();
if (StringUtils.equals(response, exceptResponse)) {
return authenticationResult;