On Oct 5, 2015, at 11:59 AM, Remi Cartier <remi.cartier@imetrik.com> wrote:Hey guys,_______________________________________________
I will have to migrate from a custom in house user management system to keycloak.We are using this algorithm to store salted/hashed password :
public static String hashPassword(String password, String salt) {try {KeySpec keySpec = new PBEKeySpec(password.toCharArray(), salt.getBytes(), 2048, 160);SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");byte[] hash = secretKeyFactory.generateSecret(keySpec).getEncoded();return new BigInteger(1, hash).toString(16);} catch (Exception x) {throw new IllegalStateException(x);}}
I was wondering, in order to ease the migration, if I could configure keycloak to use the same hash algorithm ?
Or if there was any other ways ? Like maybe a federation provider, but then comes the question when to push things into keycloak, at password change ?
What do you think ?
Sincerely.
REMI CARTIER
B.O.S.S. (Business & Operation Support Systems) P.O (Product Owner)
IMETRIK GLOBAL INC.
T : +1 514 448-6407 x2009
T : +1 866 276-5382 (toll free)
F : +1 514 904-0611
740 Notre Dame St. West, Suite 1575
Montreal, Quebec, Canada H3C 3X6
imetrik.com
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user