1. Sebastian Sebastian
  2. scm-manager

Issues

Issue #553 wontfix

Password salt

Lizzaran
created an issue

Would it be possible to add a <salt> field for the user authentication?

So that the resulting stored password would be sha1(salt + sha1(plain_pw)).

I'd like to synchronize scm users/passwords with another application that stores it's password this way. I tried to modify the sample auth plugin but I'm not skilled enough in Java to do it.

Comments (2)

  1. Sebastian Sebastian repo owner

    This is not possible with scm-manager 1.x. We will implement salts for scm-manager 2.x. Perhaps we could write an authenticator and authenticate directly against the other application instead of synchronise passwords.

  2. Log in to comment