Bug 1252794 - [QE] Insufficient description of hashAlgorithm for UsernamePasswordLoginModule
[QE] Insufficient description of hashAlgorithm for UsernamePasswordLoginModule
Status: CLOSED CURRENTRELEASE
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Documentation (Show other bugs)
6.4.0
Unspecified Unspecified
unspecified Severity low
: post-GA
: ---
Assigned To: Zach Rhoads
mchoma
https://access.stage.redhat.com/docum...
: Documentation, EasyFix, Triaged
Depends On:
Blocks: 1233012
  Show dependency treegraph
 
Reported: 2015-08-12 05:11 EDT by mchoma
Modified: 2015-10-20 08:55 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-10-20 08:55:54 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description mchoma 2015-08-12 05:11:48 EDT
Book: Login Module Reference
Revision: n_1575841_login-module-reference_version_6.4_edition_1.0_release_0-revision_6701191
Section: 2.2.1. Password Hashing

Issue description:
Description of hashAlgorithm option for UsernamePasswordLoginModule contains sentence "When hashAlgorithm is specified, the clear text password obtained from the CallbackHandler is hashed before it is passed to UsernamePasswordLoginModule.validatePassword as the inputPassword argument". However it also depends on hashUserPassword option which has to be set to true.

Suggestions for improvement:
Repair sentence mentioned above to "When hashAlgorithm is specified and hashUserPassword is set to true, the clear text password obtained from the CallbackHandler is hashed before it is passed to UsernamePasswordLoginModule.validatePassword as the inputPassword argument".

Note You need to log in before you can comment on or make changes to this bug.