Details
Description
In org.apache.jetspeed.services.security.turbine.TurbineUserManagement
in Method encryptPassword() the OutputStream is not flushed.
The result is that the returned encrypted passwordstring is not complete and i
think it may vary on different systems.
/* CODE from current CVS: */
MessageDigest md = MessageDigest.getInstance(passwordsAlgorithm);
byte[] digest = md.digest(password.getBytes("UTF-8"));
ByteArrayOutputStream bas = new ByteArrayOutputStream(digest.length +
digest.length / 3 + 1);
OutputStream encodedStream = MimeUtility.encode(bas, "base64");
encodedStream.write(digest);
return bas.toString();
/* FIX: */
encodedStream.flush();