[opencms-dev] password for addImport() method not encrypted.
Laurent Vernet
laurent.vernet at fr.adp.com
Mon Feb 24 11:55:42 CET 2003
Hi from France,
Is it normal to have the 'password' field in the method 'addImportUser(...)'
not encrypted ?
The code in the Oracle 'CmsDbAccess' class looks like that:
###############
// crypt the password with MD5
statement.setString(3, checkNull(password));
statement.setString(4, checkNull(recoveryPassword));
statement.setString(5, checkNull(description));
statement.setString(6, checkNull(firstname));
###############
but there's no encryption method called, like in 'addUser'.
Maybe the call to the method 'digest(...)' is missing.
Regards,
Laurent Vernet
148 Rue Anatole France
92688 Levallois-Perret Cedex
T: +33 1 55 63 18 17
E: laurent.vernet at fr.adp.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://webmail.opencms.org/pipermail/opencms-dev/attachments/20030224/56df2f1a/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Laurent Vernet.vcf
Type: text/x-vcard
Size: 365 bytes
Desc: not available
URL: <https://webmail.opencms.org/pipermail/opencms-dev/attachments/20030224/56df2f1a/attachment.vcf>
More information about the opencms-dev
mailing list