P
Paul Koufalis
Guest
After a lot of reading and trial-and-error, I'm 99% there. I added my own cp in WEB-INF/classes and got all the way to ValidatePassword(). With realmPwdAlg=0 the password is passed in plain text and the validation fails since it checks "_User._Password = password" and _password is ENCODE'd . If I pass the actual content of _Password it works great. Of course I could change HybridRealm.cls to authenticate against ENCODE(password) but somehow that doesn't seem like the right solution. What am I missing?
Continue reading...
Continue reading...