|password with salt [message #899529]
||Wed, 01 August 2012 10:13
| Bertin Kiekebosch
Registered: August 2011
we are using DataSourceSecurityFilter for authentication. We want to add salt to the passwords. Now on login I need to change the way the password is checked by the DataSourceSecurityFilter because the simple select statement (org.eclipse.scout.rt.server.servlet.filter.DataSourceSecurityFilter#selectUserPass=SELECT name FROM account WHERE name=? and password=?
) is not enough anymore
I planned to make a new class that inherits form DataSourceSecurityFilter and then override protected boolean isValidUser(String username, String password) method.
And then register my new class as an extension (servletfilter.filters)
Is this the way to do it?
Powered by FUDForum
. Page generated in 0.07680 seconds