[opencms-dev] password for addImport() method not encrypted.

Alexander Kandzior alex at opencms.org
Mon Feb 24 12:23:17 CET 2003


This is used only for adding users that have been previously exported
during an import. Such users will have their password already encrypted,
and the already encrypted password must be added "plain".
 
Best Regards,
Alex.

Alexander Kandzior
Alkacon Software - The OpenCms Experts
http://www.alkacon.com <http://www.alkacon.com/>  

-----Original Message-----
From: owner-opencms-dev at www.opencms.org
[mailto:owner-opencms-dev at www.opencms.org] On Behalf Of Laurent Vernet
Sent: Monday, February 24, 2003 11:56 AM
To: opencms
Subject: [opencms-dev] password for addImport() method not encrypted.



Hi from France,

Is it normal to have the 'password' field in the method
'addImportUser(...)' not encrypted ?
The code in the Oracle 'CmsDbAccess' class looks like that:

###############

                // crypt the password with MD5
            statement.setString(3, checkNull(password));
            statement.setString(4, checkNull(recoveryPassword));
            statement.setString(5, checkNull(description));
            statement.setString(6, checkNull(firstname));

###############
but there's no encryption method called, like in 'addUser'.

Maybe the call to the method 'digest(...)' is missing.

Regards,

Laurent Vernet
148 Rue Anatole France
92688 Levallois-Perret Cedex
T: +33 1 55 63 18 17
E: laurent.vernet at fr.adp.com 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://webmail.opencms.org/pipermail/opencms-dev/attachments/20030224/40234101/attachment.htm>


More information about the opencms-dev mailing list