-
Type:
Improvement
-
Status: Closed
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 1.0.0
-
Fix Version/s: 1.1.0
-
Component/s: Authentication (log-in), Cryptography & Hashing
-
Labels:None
When hashing credentials, the CredentialsMatcher must be able to acquire a salt from the AuthenticationInfo returned from the realm since salts are account/user-specific.
The HashedCredentialsMatcher should be updated to acquire the salt, if it exists, from the AuthenticationInfo and use that to perform a hash before comparing credentials.
- duplicates
-
SHIRO-176 AuthenticationInfo instances should be able to return stored salt
-
- Closed
-