What you mean is to migrate from badly broken legacies like:
MD5(salt + password)
SHA1(salt + password)
To BCrypt, Scrypt or PBKDF2? If yes, +1000000
On Tue, Nov 17, 2015 at 1:07 PM Kunal K <kunal(a)plivo.com> wrote:
Hi all,
I would like to start a discussion on how to implement -
https://issues.jboss.org/browse/KEYCLOAK-1900
I have a django web app and all of my users are in a postgres database
with salted passwords hashed using SHA. I have been reading how I can use
UserFederation to implement my own credential validation, but the drawback
here would be that I'll have to keep maintaining my old database.
For starters, I was thinking of replacing all occurrences of
Pbkdf2PasswordEncoder with an equivalent SHAPasswordEncoder, which is a
very crude approach and I'm not sure if it will even work. After a bit
of reading I saw this ticket -
https://issues.jboss.org/browse/KEYCLOAK-1900
I would like to implement a custom hashing SPI and would love to get some
pointers on how to go about it.
Thanks
--
KUNAL KERKAR | PRODUCT ENGINEER
Plivo, Inc. 340 Pine St, San Francisco - 94104, USA
Web: www.plivo.com | Twitter: @plivo <http://twitter.com/plivo>, @tsudot <http://twitter.com/tsudot>
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev
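
The migration discussed in this thread, sketched as an added example (not Keycloak code and not from either poster): a legacy SHA1(salt + password) record is verified once at login and replaced with a PBKDF2 record, so the old database does not have to be kept. The record formats `sha1$salt$hex` and `pbkdf2_sha256$iterations$salt$hex`, the function names and the iteration count are assumptions made for illustration.

```python
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 600_000  # assumption: tune to your own hardware and policy


def legacy_hash(password, salt):
    """Legacy scheme named in the thread: hex SHA1(salt + password)."""
    digest = hashlib.sha1((salt + password).encode()).hexdigest()
    return "sha1$%s$%s" % (salt, digest)


def pbkdf2_hash(password, salt=None, iterations=PBKDF2_ITERATIONS):
    """PBKDF2-HMAC-SHA256 record with a fresh random salt unless one is given."""
    salt = salt or os.urandom(16).hex()
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt.encode(), iterations)
    return "pbkdf2_sha256$%d$%s$%s" % (iterations, salt, dk.hex())


def _same(a, b):
    # Constant-time comparison; bytes so non-ASCII input cannot raise.
    return hmac.compare_digest(a.encode(), b.encode())


def verify_and_upgrade(password, stored):
    """Return (ok, new_record). new_record is set only when the stored
    record should be overwritten with a stronger one."""
    algo, *parts = stored.split("$")
    if algo == "sha1" and len(parts) == 2:
        ok = _same(legacy_hash(password, parts[0]), stored)
        # The plaintext is only available now, so re-hash on this login.
        return ok, (pbkdf2_hash(password) if ok else None)
    if algo == "pbkdf2_sha256" and len(parts) == 3:
        try:
            n = int(parts[0])
        except ValueError:
            return False, None
        if n < 1:
            return False, None
        ok = _same(pbkdf2_hash(password, parts[1], n), stored)
        # Also re-hash records written under an older, lower iteration count.
        stale = ok and n < PBKDF2_ITERATIONS
        return ok, (pbkdf2_hash(password) if stale else None)
    return False, None  # unknown or malformed record: fail closed
```

Users who never log in again keep their legacy record, so a deployment still needs a cutoff after which remaining SHA1 records are invalidated and those users go through a password reset.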