Hello,

I wonder if there is not a problem with the code at line 92 of 
AuthenticationProviderBasic<https://github.com/apache/pulsar/blob/master/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationProviderBasic.java#L92>.

Crypt.crypt(password.getBytes(), encryptedPassword.substring(0, 2))

The Crypt.crypt<https://github.com/apache/commons-codec/blob/master/src/main/java/org/apache/commons/codec/digest/Crypt.java#L74>
 method waits for a salt that starts with a prefix of 3 characters (such as 
$6$<https://github.com/apache/commons-codec/blob/master/src/main/java/org/apache/commons/codec/digest/Sha2Crypt.java#L66>)
 and matches a pattern that starts with $6$.
Here, the code sends the first 2 characters of the encrypted password as the salt ($6).

When I try Sha2Crypt.sha512Crypt("Password".getBytes(), "$6"); it fails.

When I try Sha2Crypt.sha512Crypt("Password".getBytes(), "$6$512"); it returns 
$6$512$njqNIcp2gj94uV6lbuk...

So, I think it would be better with a method to extract the salt, like
    private String extractSalt(String pwd) {
        // The salt prefix seems to be 3 characters long ($5$, $6$ ...), so look for
        // the "$" that closes the salt part; or use String[] split = pwd.split("\\$");
        int pos = pwd.indexOf("$", 3);
        return pwd.substring(0, pos);
    }

Regards,
Christophe
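As an added illustration of the salt-extraction idea in the mail above (this is example code, not code from Pulsar or commons-codec), the class below pulls the salt prefix out of a stored crypt(3)-style hash and re-hashes a candidate password with it. It covers the "$id$salt$hash" form from the mail, the "$id$rounds=N$salt$hash" variant, and the traditional two-character DES salt, and compares the result in constant time. The class and method names (CryptSaltExample, extractSalt, verify) are my own; the only real API used is org.apache.commons.codec.digest.Crypt.crypt(byte[], String), which the mail already references, so commons-codec is assumed to be on the classpath.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

import org.apache.commons.codec.digest.Crypt;

/** Added example (not Pulsar or commons-codec code): extract the salt of a crypt(3)-style hash and verify against it. */
public final class CryptSaltExample {

    // Modular crypt format: "$id$" + optional "rounds=N$" + salt + "$" + hash.
    // Group 1 is everything up to (but excluding) the "$" that terminates the salt,
    // which is exactly the salt argument Crypt.crypt() needs to reproduce the hash.
    private static final Pattern MODULAR = Pattern.compile(
            "^(\\$[0-9a-z]+\\$(?:rounds=\\d+\\$)?[./0-9A-Za-z]{1,16})\\$");

    private CryptSaltExample() {
    }

    /** Returns the salt prefix needed to re-create the given stored hash. */
    static String extractSalt(String storedHash) {
        if (storedHash == null || storedHash.isEmpty()) {
            throw new IllegalArgumentException("empty stored hash");
        }
        if (storedHash.charAt(0) == '$') {
            Matcher m = MODULAR.matcher(storedHash);
            if (!m.find()) {
                throw new IllegalArgumentException("unrecognised modular crypt hash");
            }
            return m.group(1); // e.g. "$6$512" or "$5$rounds=5000$abcdef"
        }
        // Traditional DES crypt: a 13-character string whose first two characters are the salt.
        if (storedHash.length() != 13) {
            throw new IllegalArgumentException("unrecognised DES crypt hash");
        }
        return storedHash.substring(0, 2);
    }

    /** Re-hashes the candidate with the stored salt and compares the result in constant time. */
    static boolean verify(String candidate, String storedHash) {
        String salt = extractSalt(storedHash);
        String recomputed = Crypt.crypt(candidate.getBytes(StandardCharsets.UTF_8), salt);
        return MessageDigest.isEqual(
                recomputed.getBytes(StandardCharsets.UTF_8),
                storedHash.getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) {
        // Constructed sample: hash "Password" with the fixed SHA-512 crypt salt used in the mail above.
        String stored = Crypt.crypt("Password".getBytes(StandardCharsets.UTF_8), "$6$512");
        System.out.println("stored hash   : " + stored);
        System.out.println("extracted salt: " + extractSalt(stored));
        System.out.println("correct pw    : " + verify("Password", stored));
        System.out.println("wrong pw      : " + verify("password", stored));

        // Passing only the first two characters, as the broker code currently does,
        // is not a usable salt for a "$6$" hash and is rejected by commons-codec.
        try {
            Crypt.crypt("Password".getBytes(StandardCharsets.UTF_8), stored.substring(0, 2));
        } catch (IllegalArgumentException e) {
            System.out.println("two-char salt : rejected (" + e.getMessage() + ")");
        }
    }
}
```

The regex deliberately stops at the "$" that closes the salt, so the hash portion never leaks into the salt argument; if the stored value has no such separator (or is not a 13-character DES string), the method throws rather than silently passing a truncated prefix along, which is the failure mode the mail describes.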



