[jira] Created: (OFBIZ-415) shark component's OfbizAuthenticationMgr doesn't work

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

[jira] Created: (OFBIZ-415) shark component's OfbizAuthenticationMgr doesn't work

Nicolas Malin (Jira)
shark component's OfbizAuthenticationMgr doesn't work
-----------------------------------------------------

                 Key: OFBIZ-415
                 URL: http://issues.apache.org/jira/browse/OFBIZ-415
             Project: OFBiz (The Open for Business Project)
          Issue Type: Bug
          Components: framework
    Affects Versions: SVN trunk
            Reporter: Scott Gray
            Priority: Minor


The OfbizAuthenticationManager.validateUser passes encrypted passwords to the userLogin service which requires plain text passwords.  

I can't see why shark needs its own authentication checks, when ofbiz takes care of this?  I think we should replace OfbizAuthenticationMgr with NoAuthenticationMgr which always returns true.

I know there's not much interest in shark but it would be nice to keep it working so people can at least take a look.

--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

       
Reply | Threaded
Open this post in threaded view
|

[jira] Commented: (OFBIZ-415) shark component's OfbizAuthenticationMgr doesn't work

Nicolas Malin (Jira)
    [ http://issues.apache.org/jira/browse/OFBIZ-415?page=comments#action_12446544 ]
           
Jacopo Cappellato commented on OFBIZ-415:
-----------------------------------------

I'm sorry but I don't know if this is by design or just an old auth method... any comments?

> shark component's OfbizAuthenticationMgr doesn't work
> -----------------------------------------------------
>
>                 Key: OFBIZ-415
>                 URL: http://issues.apache.org/jira/browse/OFBIZ-415
>             Project: OFBiz (The Open for Business Project)
>          Issue Type: Bug
>          Components: framework
>    Affects Versions: SVN trunk
>            Reporter: Scott Gray
>            Priority: Minor
>
> The OfbizAuthenticationManager.validateUser passes encrypted passwords to the userLogin service which requires plain text passwords.  
> I can't see why shark needs its own authentication checks, when ofbiz takes care of this?  I think we should replace OfbizAuthenticationMgr with NoAuthenticationMgr which always returns true.
> I know there's not much interest in shark but it would be nice to keep it working so people can at least take a look.

--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

       
Reply | Threaded
Open this post in threaded view
|

[jira] Commented: (OFBIZ-415) shark component's OfbizAuthenticationMgr doesn't work

Nicolas Malin (Jira)
In reply to this post by Nicolas Malin (Jira)
    [ http://issues.apache.org/jira/browse/OFBIZ-415?page=comments#action_12446596 ]
           
David Garrett commented on OFBIZ-415:
-------------------------------------

Scott,

I agree. The approach I used in the past is as you suggest to always return true.

either with NoAuthenticationMgr  or patch OfbizAuthenticationMgr to return true. I did have a clever solution at one stage but I can't seem to find it right now.

David G

> shark component's OfbizAuthenticationMgr doesn't work
> -----------------------------------------------------
>
>                 Key: OFBIZ-415
>                 URL: http://issues.apache.org/jira/browse/OFBIZ-415
>             Project: OFBiz (The Open for Business Project)
>          Issue Type: Bug
>          Components: framework
>    Affects Versions: SVN trunk
>            Reporter: Scott Gray
>            Priority: Minor
>
> The OfbizAuthenticationManager.validateUser passes encrypted passwords to the userLogin service which requires plain text passwords.  
> I can't see why shark needs its own authentication checks, when ofbiz takes care of this?  I think we should replace OfbizAuthenticationMgr with NoAuthenticationMgr which always returns true.
> I know there's not much interest in shark but it would be nice to keep it working so people can at least take a look.

--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira