day, April 16, 2014 8:36 PM
> To: dev@cloudstack.apache.org
> Subject: Re: login API with MD5 is not working
>
> Hi Demetrius,
>
> Thanks for explanation, I will try with https now.
> Just for information, why did they change this from MD5 to plain text?
>
> Regard
Some authenticators such as LDAP need clear text passwords.
-Original Message-
From: Tejas Gadaria [mailto:refond.g...@gmail.com]
Sent: Wednesday, April 16, 2014 8:36 PM
To: dev@cloudstack.apache.org
Subject: Re: login API with MD5 is not working
Hi Demetrius,
Thanks for explanation, I
ailto:run...@gmail.com]
> Sent: Wednesday, April 16, 2014 12:16 PM
> To: dev@cloudstack.apache.org
> Subject: Re: login API with MD5 is not working
>
>
> On Apr 16, 2014, at 12:56 PM, Demetrius Tsitrelis
> wrote:
>
> > One problem is that the API documentation
> > (htt
[mailto:run...@gmail.com]
Sent: Wednesday, April 16, 2014 12:16 PM
To: dev@cloudstack.apache.org
Subject: Re: login API with MD5 is not working
On Apr 16, 2014, at 12:56 PM, Demetrius Tsitrelis
wrote:
> One problem is that the API documentation
> (https://cloudstack.apache.org/docs/api/apido
On Apr 16, 2014, at 12:56 PM, Demetrius Tsitrelis
wrote:
> One problem is that the API documentation
> (https://cloudstack.apache.org/docs/api/apidocs-4.3/root_admin/login.html)
> still says that the password should be hashed. The docs are out of date;
> send
> the password in plain text.
One problem is that the API documentation
(https://cloudstack.apache.org/docs/api/apidocs-4.3/root_admin/login.html)
still says that the password should be hashed. The docs are out of date; send
the password in plain text.
And - think about security. DON'T use HTTP GET or the query parameters
CloudStack changed password encoding in 4.2 (I believe, but I seem to
remember, but can't find documentation that it changed in 4.1) such that it
no longer assumes that passwords are MD5s coming in. It instead expects
that passwords are passed as plain text and are encoded by CS internally
accordin
