You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@shardingsphere.apache.org by zh...@apache.org on 2020/07/19 04:49:26 UTC

[shardingsphere-elasticjob] branch master updated: change console authorization encode from sha256 to md5 (#1156)

This is an automated email from the ASF dual-hosted git repository.

zhangliang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shardingsphere-elasticjob.git


The following commit(s) were added to refs/heads/master by this push:
     new 9f7a0d1  change console authorization encode from sha256 to md5 (#1156)
9f7a0d1 is described below

commit 9f7a0d1b453d67d23053d99bfe230f4ccaa51a88
Author: luky116 <38...@users.noreply.github.com>
AuthorDate: Sun Jul 19 12:49:16 2020 +0800

    change console authorization encode from sha256 to md5 (#1156)
---
 .../elasticjob/lite/console/security/UserAuthenticationService.java | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/elasticjob-lite/elasticjob-lite-console/src/main/java/org/apache/shardingsphere/elasticjob/lite/console/security/UserAuthenticationService.java b/elasticjob-lite/elasticjob-lite-console/src/main/java/org/apache/shardingsphere/elasticjob/lite/console/security/UserAuthenticationService.java
index 3751117..0dfb998 100644
--- a/elasticjob-lite/elasticjob-lite-console/src/main/java/org/apache/shardingsphere/elasticjob/lite/console/security/UserAuthenticationService.java
+++ b/elasticjob-lite/elasticjob-lite-console/src/main/java/org/apache/shardingsphere/elasticjob/lite/console/security/UserAuthenticationService.java
@@ -75,9 +75,9 @@ public class UserAuthenticationService {
         } else {
             return new AuthenticationResult(false, false);
         }
-        String hash1 = Hashing.sha256().hashBytes((username + ":" + realm + ":" + password).getBytes()).toString();
-        String hash2 = Hashing.sha256().hashBytes((method + ":" + uri).getBytes()).toString();
-        String exceptResponse = Hashing.sha256().hashBytes((hash1 + ":" + nonce + ":" + nc + ":" + cnonce + ":" + qop + ":" + hash2).getBytes()).toString();
+        String hash1 = Hashing.md5().hashBytes((username + ":" + realm + ":" + password).getBytes()).toString();
+        String hash2 = Hashing.md5().hashBytes((method + ":" + uri).getBytes()).toString();
+        String exceptResponse = Hashing.md5().hashBytes((hash1 + ":" + nonce + ":" + nc + ":" + cnonce + ":" + qop + ":" + hash2).getBytes()).toString();
         
         if (StringUtils.equals(response, exceptResponse)) {
             return authenticationResult;