stackoom
  简体   繁体   中英

In what encryption type are passwords of wso2 user table (um_user) in wso2_shared_db stored?

 原文  2021-11-10 11:03:17       wso2/ wso2-am/ wso2is/ wso2carbon

Question

According to the official documentation information about users of wso2 identity server reside in the um_user table of wso2_shared_db . The question I would like to ask is in what encryption type passwords in the um_user are stored?

1 answers

solution1
 0  2021-11-14 15:08:51

By default, user passwords are hashed using SHA256 with a random salt. The hashing algorithm is configurable with the PasswordDigest property like below.

[user_store.properties]
PasswordDigest = "SHA-256"
StoreSaltedPassword = true

PS: As a general practice, passwords are stored as hashes which do not allow fiding the plain text value. If passwords are encrypted, the plain text values can be found.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Upgrading WSO2 IS 5.9 to WSO2 IS 5.10 failed due to “Unknown column 'UM_USER_ID' in 'field list'” What is the WSO2 endpoint to get the user by code Wso2 User getting unauthorized User Management Tables are not shared between WSO2 products Getting the roles of a user in wso2 WSO2 User self registration WSO2 API User Mangement Extend wso2 user store WSO2 IS authenticate PKI user Issue with WSO2 user management
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM