Hi All,
I want to be able to create users that have a straight up SHA-1 password. No Blowfish, nothing special, just plain old vanilla SHA-1. The only way I have been able to accomplish this so far has been to extend DefaultUserProvider and override the createUser, making the following change:
if (!usePlainPassword) {
try {
encryptedPassword = StringUtils.hash(password.getBytes(),"SHA-1");
// encryptedPassword = AuthFactory.encryptPassword(password);
// Set password to null so that it's inserted that way.
password = null;
} catch (UnsupportedOperationException uoe) {
// Encrypting the password may have failed if in setup mode.
// Therefore, use the plain password.
}
}
My question is, does anyone know of a better way to do this? The reason for this "requirement" is that I am trying to access "ofUser" table via mod_auth_mysql so that I can have a "single sign on" solution for all the different areas of my project such as Subversion. Thoughts? Suggestions?
Cheers, Adam