Wednesday, April 27, 2011

Thoughts on password preservation

Usually, within the user authentication module of a system, usernames and passwords are kept in a database or a similar data structure. The password must not be stored in the clear: it should be hashed (loosely, "encrypted") before it reaches the database, so that someone who obtains a copy of the database does not directly obtain the users' passwords.

This raises a question about that transformation: should the stored (encrypted) password be tied to the username, so that two accounts with the same password do not end up holding the same stored value?
I don't know the answer (future work to do), but in my opinion it should be.

An observation from user authentication in OpenNebula:
When authenticating as oneadmin (the default admin account), I always get the following error:
Error: [UserPoolInfo] User couldn't be authenticated, aborting call.
I dug deeper into this issue: I looked into one.db and found that there is no password stored for oneadmin, even though I did set one. Here is the output from the user_pool table of one.db:
oid|user_name|password|enabled
0|oneadmin||1
I fixed this in a stupid but effective way: by updating its password field with the encrypted password of another account that has the same password. This means that, in this case, the encrypted password is NOT associated with the username.
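The following is an added example, not code from the original post and not OpenNebula's own code; it is written in Ruby because OpenNebula's oneuser tool is Ruby. It illustrates both the question raised above (should the stored password be tied to the username?) and why the copy-another-account's-field fix worked. The account names and the shared password are constructed. Scheme 1 assumes, as the fix suggests, that the user_pool held a bare unsalted digest of the password (SHA1 hex is an assumption here). Scheme 2 shows the alternative: a random per-user salt with the username mixed in, fed through PBKDF2, so the same password yields a different record for each user and a record copied from another row does not verify.

```ruby
require 'digest'
require 'openssl'
require 'securerandom'

# Constructed sample data (not from the original post): two accounts that
# happen to share a password, as in the oneadmin case above.
SAMPLE_ACCOUNTS = {
  'oneadmin' => 'opennebula',
  'bob'      => 'opennebula'
}.freeze

# Scheme 1: unsalted digest of the password alone. Assumed to mirror what the
# user_pool table held (a bare SHA1 hex digest; an assumption of this example).
# The username plays no part, so every user with the same password gets an
# identical value, and a value copied from another row authenticates just as well.
def unsalted_store(password)
  Digest::SHA1.hexdigest(password)
end

def unsalted_verify(stored, password)
  secure_equal(stored, unsalted_store(password))
end

# Scheme 2: a random per-user salt with the username mixed in, run through a
# slow KDF (PBKDF2-HMAC-SHA256). The record is bound to the account it was
# made for: same password, different user => different record, and a record
# pasted in from another account does not verify.
PBKDF2_ITERATIONS = 100_000
KEY_LENGTH = 32 # bytes of derived key

def derive(username, password, salt)
  # Mixing the username into the salt is what ties the record to the account.
  # Caveat: renaming a user then requires re-hashing at the next login.
  full_salt = "#{salt}:#{username}"
  OpenSSL::PKCS5.pbkdf2_hmac(password, full_salt, PBKDF2_ITERATIONS,
                             KEY_LENGTH, 'sha256').unpack1('H*')
end

def salted_store(username, password, salt = SecureRandom.hex(16))
  "pbkdf2$#{PBKDF2_ITERATIONS}$#{salt}$#{derive(username, password, salt)}"
end

def salted_verify(stored, username, password)
  scheme, iterations, salt, key = stored.to_s.split('$', 4)
  return false unless scheme == 'pbkdf2' && iterations.to_i == PBKDF2_ITERATIONS && key
  secure_equal(key, derive(username, password, salt))
end

# Constant-time comparison so the verifier does not leak how many leading bytes matched.
def secure_equal(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Replays the "copy another account's stored password into oneadmin's row" fix
# against both schemes and reports which scheme it defeats.
def copy_trick_outcome
  password   = SAMPLE_ACCOUNTS['bob']
  bob_record = salted_store('bob', password)
  {
    unsalted_copy_works: unsalted_verify(unsalted_store(password), password),
    salted_copy_works:   salted_verify(bob_record, 'oneadmin', password),
    salted_own_works:    salted_verify(salted_store('oneadmin', password), 'oneadmin', password)
  }
end

if $PROGRAM_NAME == __FILE__
  copy_trick_outcome.each { |check, result| puts "#{check}: #{result}" }
end
```

Two practical notes. First, the standard answer to the question is a random per-user salt plus a deliberately slow password hash (bcrypt, scrypt or Argon2 today, PBKDF2 at a minimum); that alone already stops two accounts with the same password from sharing a stored value. Folding the username in as well, as scheme 2 does, additionally stops a record being moved between accounts, at the cost of a re-hash whenever a user is renamed. Second, the empty password column in the oneadmin row is worth noting on its own: the authentication code correctly failed closed rather than treating an empty stored value as "any password is fine".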
