Configuration of Custom Crypt-Style
You can use custom Crypt-Types, but you should decide during installation which Type of encryption you want to use. By default two type are available:
- org.apache.openmeetings.util.crypt.MD5Implementation - this uses common MD5 Crypt like PHP does, this is the default one (results in something like: fe01ce2a7fbac8fafaed7c982a04e229)
- org.apache.openmeetings.util.crypt.MD5CryptImplementation - does use BSD-Style of encryption using a salt (results in something like: $1$GMsj7F2I$5S3r9CeukXGXNwf6b4sph1)
You can edit the config-key during Installation or later in the Administration Panel. But if you change it using the Administration-Panel previous passwords might be not working anymore as they are encrypted with another algorithm.
Configuration of Custom Crypt-Style
To add your own crypt style you need to write a class which implements the interface: org.apache.openmeetings.util.crypt.ICrypt
Example of an Implementation:
package org.apache.openmeetings.util.crypt; import static org.apache.openmeetings.util.OpenmeetingsVariables.webAppRootKey; import java.security.NoSuchAlgorithmException; import org.red5.logging.Red5LoggerFactory; import org.slf4j.Logger; public class MD5Implementation implements ICrypt { private static final Logger log = Red5LoggerFactory.getLogger(MD5Implementation.class, webAppRootKey); /* * (non-Javadoc) * @see org.apache.openmeetings.utils.crypt.ICrypt#hash(java.lang.String) */ @Override public String hash(String str) { String passPhrase = null; try { passPhrase = MD5.checksum(str); } catch (NoSuchAlgorithmException e) { log.error("Error", e); } return passPhrase; } /* * (non-Javadoc) * @see org.apache.openmeetings.utils.crypt.ICrypt#verify(java.lang.String, java.lang.String) */ @Override public boolean verify(String str, String hash) { return hash != null && hash.equals(hash(str)); } }
To add your own Encryption-Class you need to add your class to the OpenMeetings-Webapp (make it available to the webapp-classpath) and use your custom-class-name instead of org.apache.openmeetings.util.crypt.MD5Implementation during the Installation or at runtime by editing the config-key crypt_ClassName
Configuration of Custom Crypt-Style
credits goto Mika for sharing his Implementation of the MD5Crypt-Style