[keycloak-dev] Custom Authenticator
Bruno Oliveira
bruno at abstractj.org
Mon Oct 3 13:03:38 EDT 2016
Take a look at the docs here: https://keycloak.gitbooks.io/server-developer-guide/content/v/2.2/topics/auth-spi.html.
Although, I would not recommend hashing to store passwords. Hashes were
made to be fast and can be broken. That's why Keycloak has PBKDF2, or if
you don't like it, try to implement your own with BCrypt or Scrypt, but
never MD5[1].
[1] - https://cwe.mitre.org/data/definitions/327.html
On 2016-09-29, Yunus ÖNCEL wrote:
> Hello;
>
> i have described for MD5 passwort. now i write to database password of
> users with MD5ed password.
>
> it is possible, Can ı wrıte or change custom Authenticator with hilfe SPI?
>
> Because i need another conditon to the correct user to the login.
>
> thank you and sorry for my English
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
--
abstractj
PGP: 0x84DC9914
More information about the keycloak-dev
mailing list