Announcement

Collapse
No announcement yet.
X
Collapse
  • Page of 1
  • Filter
  • Time
Clear All
new posts
Previous template Next
    #1

    setStoreWithHash not working?

    I have a DynamicForm which submits and saves information to a database. It has a Datasource in which we have a password field declared like this:

    DataSourceTextField password = new DataSourceTextField("password", "Password");
    password.setType(FieldType.PASSWORD);
    password.setStoreWithHash(HashAlgorithm.MD5);

    My impression was that setStoreWithHash would send the password already encrypted using MD5 hashing during a ADD or UPDATE operation (if I understood correctly from the Javadocs). However it doesn´t seem to have any effect. When the form gets submitted it send the data through HTTP to the server but the password remains exactly the same as I typed it in.

    Has anybody tried this?

    Thanks,
    Tags: None
    #2
    storeWithHash is a server-side setting that causes values to be stored as a hash. To protect data in transit, use HTTPS, not this setting.

    Comment

      #3
      I see. The password will not be encrypted in any way while transmitted with HTTP.

      Still, the data should be stored as an MD5 encrypted string on my password field in the database then, shouldn´t it? But that is not the case, it is the same string as i typed it on the DynamicForm field...

      Comment

        #4
        Set the property in your .ds.xml file, not in Java (which is really JavaScript running in the browser). The Java setter should in fact not exist and is being removed.

        Comment

          #5
          I use the built-in SQL datasource & the storeWithHash-operion. How can I prevent storing a not changed password? Currently on store an existing entry, the old password hash is re-hashed and stored. Must this be handled in the datasource update operation, e.g. with velocity? Or is there a better way?

          Comment

          Previous template Next
          Working...
          X