You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cloudstack.apache.org by "Demetrius Tsitrelis (JIRA)" <ji...@apache.org> on 2014/03/31 23:57:14 UTC

[jira] [Created] (CLOUDSTACK-6311) login is called with unhashed password

Demetrius Tsitrelis created CLOUDSTACK-6311:
-----------------------------------------------

             Summary: login is called with unhashed password
                 Key: CLOUDSTACK-6311
                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-6311
             Project: CloudStack
          Issue Type: Bug
      Security Level: Public (Anyone can view this level - this is the default.)
          Components: Doc
    Affects Versions: 4.3.0
            Reporter: Demetrius Tsitrelis


In the description of the password parameter on http://cloudstack.apache.org/docs/api/apidocs-4.3/root_admin/login.html it says:

"Hashed password (Default is MD5). If you wish to use any other hashing algorithm, you would need to write a custom authentication adapter See Docs section."

This was true for older versions of CloudStack but not anymore.  The password should be passed as cleartext and the configured authenticators will then hash it with the appropriate algorithm.



--
This message was sent by Atlassian JIRA
(v6.2#6252)