[jboss-jira] [JBoss JIRA] (ELY-1497) Support Modular Crypt Format (MCF) password in Bcrypt mapper
Darran Lofthouse (Jira)
issues at jboss.org
Tue May 28 11:44:00 EDT 2019
[ https://issues.jboss.org/browse/ELY-1497?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse resolved ELY-1497.
-----------------------------------
Fix Version/s: 1.9.0.Final
Assignee: Darran Lofthouse
Resolution: Out of Date
Modular crypt support is added to the JDBC SecurityRealm from WildFly 17 and Elytron 1.9.0.Final.
> Support Modular Crypt Format (MCF) password in Bcrypt mapper
> ------------------------------------------------------------
>
> Key: ELY-1497
> URL: https://issues.jboss.org/browse/ELY-1497
> Project: WildFly Elytron
> Issue Type: Enhancement
> Components: Passwords
> Affects Versions: 1.1.7.Final
> Reporter: Tom Stiemerling
> Assignee: Darran Lofthouse
> Priority: Major
> Fix For: 1.9.0.Final
>
>
> Currently BCrypt mapper for DB realm does not support MCF format passwords (which does not require explicit salt or iterations):
> {noformat}
> 17:42:28,328 ERROR [org.jboss.as.controller.management-operation] (ServerService Thread Pool -- 3) WFLYCTL0013: Operation ("add") failed - address: ([
> ("subsystem" => "elytron"),
> ("jdbc-realm" => "DatabaseRealm")
> ]) - failure description: "WFLYCTL0155: 'salt-index' may not be null"
> {noformat}
> Support should be added to support MCF password so only single column needed in DB.
> Logic:
> {code}
> if (password && !salt && !iterations)
> assume MCF format password
> else if (password && salt && iterations)
> assume BCrypt (b64) password, etc
> else
> error
> {code}
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
More information about the jboss-jira
mailing list