[
https://jira.jboss.org/jira/browse/GTNPORTAL-306?page=com.atlassian.jira....
]
Boleslaw Dawidowicz commented on GTNPORTAL-306:
-----------------------------------------------
PicketLinkIDMOrganizationServiceImpl has a 'passwordAsAttribute' switch that is
set to 'false' by default and can be set to true with ValueParam.
If true then password will be persisted as a plain text attribute and available in
user.getPassword(). By default it will be persisted as a user credential (encrypted) and
can be validated with the UserHandler.authentitcate() method.
The reason for this is that in some stores like LDAP which support user authentication
there is no way to grab unencrypted password but only to validate it by comparing one way
hash. IDM Hibernate store also supports such encrypted password hash. I provided the
'passwordAsAttribute' for compatibility reasons but I suggest to rethink using
user.getPassword() and rely on authenticate() instead...
The User Handler implementation returns a User with a password
"null"
---------------------------------------------------------------------
Key: GTNPORTAL-306
URL:
https://jira.jboss.org/jira/browse/GTNPORTAL-306
Project: GateIn Portal
Issue Type: Bug
Components: Identity integration
Affects Versions: 3.0.0-Beta02
Reporter: Trong Tran
Assignee: Boleslaw Dawidowicz
Fix For: 3.0.0-Beta03
Attachments: testcase.diff
the unit test is in attached file testcase.diff
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira