> Don't authenticators work as plugins in cloudstack with plain text
authenticator as default? I think we should leave it for the customer to
decide whether he wants to disable or keep the authenticator
Couldn't agree more with this! Going through each authenticator until a
success
al Message-
From: Ian Duffy [mailto:i...@ianduffy.ie]
Sent: Friday, September 13, 2013 2:52 AM
To: CloudStack Dev
Subject: Re: plain text authenticator
> Don't authenticators work as plugins in cloudstack with plain text
authenticator as default? I think we should leave it for the customer to
> To: dev@cloudstack.apache.org
> Subject: plain text authenticator
>
> So if you set your password as blah and it gets hashed to xyz and stored in
> the
> users table. Because of the plain text authenticator, you can use that hashed
> value as your password now. So specifically
Don't authenticators work as plugins in cloudstack with plain text
authenticator as default? I think we should leave it for the customer to
decide whether he wants to disable or keep the authenticator. If he
decided to get rid of it, then steps mentioned by Vijay should be executed
(u
Good catch Darren - the plain text authenticator was only preserved to
support older clients that still hashed their passwords to md5. Indeed,
storing the hash type would be required so only the appropriate
authenticator would be invoked. However, we need to ensure that upgrades
are correctly
So if you set your password as blah and it gets hashed to xyz and stored
in the users table. Because of the plain text authenticator, you can
use that hashed value as your password now. So specifically the below
will work.
http://localhost:8080/client/api?command=login&username=
