[cas-user] Issue when using JSON (Whitelist) Authentication with Password Encoding

Wed, 12 Sep 2018 13:13:05 -0700 

Hi all,

I have a problem when using JSON  Authentication with Password Encoding.
I used both CAS versions 5.3.2 and 5.3.3, and below is the used config:

*Properties:*

cas.authn.json.location=file:/path_xx/users-SHA-256.json
#cas.authn.json.name=
cas.authn.json.passwordEncoder.type=DEFAULT
cas.authn.json.passwordEncoder.encodingAlgorithm=SHA-256
cas.authn.json.passwordEncoder.characterEncoding=UTF-8



JSON file:

{
  "@class" : "java.util.LinkedHashMap",  

  "admin" : {
  "@class" : "org.apereo.cas.adaptors.generic.CasUserAccount",
  "password" : 
"*8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918*",
  "attributes" : {
    "@class" : "java.util.LinkedHashMap",
    "kkkkkk" : "vvvvvvv"
  },
  "status" : "OK",
  "expirationDate" : "2019-12-31"
  }

}



*Log:*
2018-09-12 21:29:49,399 DEBUG 
[org.apereo.cas.util.crypto.DefaultPasswordEncoder] - <Using [UTF-8] as the 
character encoding algorithm to update the digest>
2018-09-12 21:29:49,402 DEBUG 
[org.apereo.cas.util.crypto.DefaultPasswordEncoder] - <Encoded password via 
algorithm [SHA-256] and character-encoding [UTF-8] is 
[8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918]>
2018-09-12 21:29:49,430 DEBUG 
[org.apereo.cas.util.crypto.DefaultPasswordEncoder] - <Using [UTF-8] as the 
character encoding algorithm to update the digest>
2018-09-12 21:29:49,431 DEBUG 
[org.apereo.cas.util.crypto.DefaultPasswordEncoder] - <Encoded password via 
algorithm [SHA-256] and character-encoding [UTF-8] is 
[998ed4d621742d0c2d85ed84173db569afa194d4597686cae947324aa58ab4bb]>
2018-09-12 21:29:49,431 DEBUG 
[org.apereo.cas.util.crypto.DefaultPasswordEncoder] - <Provided password 
does not match the encoded password>

*Problem:*
According to the debug info, CAS encodes the password *twice*, and the 
second encoding is wrong. I don't understand how it is produced.
I used as password '*admin*', which SHA-256 encoding is 
*8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918*.
But CAS considers the second encoding, i.e., 
*998ed4d621742d0c2d85ed84173db569afa194d4597686cae947324aa58ab4bb* (when I 
use this encoding it works).

*Thank you in advance for your help :)*

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/4fb02cde-2a9a-43ee-a127-e01accfcc494%40apereo.org.

Reply via email to