[opencms-dev] Getting User Password without logging in
Joachim Arrasz
info at arrasz.de
Thu Oct 19 15:34:01 CEST 2006
Hi,
> You have to change the opencms authentication method.
> A quick solution is to store the password unencrypted in the database.
> To do this, change the passwordhandler in opencms-system.xml setting
> <digest-type>plain</digest-type>
>
> A better solution is to use a reversable (two-way) encryption
> algorithm. To do this, create a class that implements
> I_CmsPasswordHandler and put it in <passwordhandler> in
> opencms-system.xml.
what kind of security is this then? In my Opinion both solutions are no
practical solutions. Two way encryptions are not save!
Kind Regards
Achim
--
/**
* Joachim Arrasz
* Head of technical Research
* Synyx GmbH & Co. KG --OpenCms Solution Provider--J2ME Solutions--
* Karlstr. 68
* 76137 Karlsruhe
* phone +49(0)721 66 48 79 32
* fax +49(0)721 66 48 877
* eMail joachim.arrasz at synyx.de
* www http://www.synyx.de
*/
More information about the opencms-dev
mailing list