OpenFire: SHA-1 passwords without blowfish encryption
https://stackoverflow.com/questions/3409657
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I want to be able to create users that have a straight up SHA-1 password. No Blowfish, nothing special, just plain old vanilla SHA-1. The only way I have been able to accomplish this so far has been to extend DefaultUserProvider and override the createUser, making the following change:
if (!usePlainPassword) {
try {
encryptedPassword = StringUtils.hash(password.getBytes(),"SHA-1");
// encryptedPassword = AuthFactory.encryptPassword(password);
// Set password to null so that it's inserted that way.
password = null;
} catch (UnsupportedOperationException uoe) {
// Encrypting the password may have failed if in setup mode.
// Therefore, use the plain password.
}
}
Is there a better way to do this? Thoughts? Suggestions?
(The reason for this "requirement" is that I am trying to access ofUser table via mod_auth_mysql so that I can have a "single sign on" solution for all the different areas of my project such as Subversion.)
Solution
Turns out my initial solution (provided in the question) is the only way to accomplish this functionality. I have conversed with others on the openfire support forum and they concur.
