[Geoserver-devel] [jira] (GEOS-5060) Changing password encryption for user group service prevents future logins

Justin Deoliveira created GEOS-5060:
---------------------------------------

             Summary: Changing password encryption for user group service prevents future logins
                 Key: GEOS-5060
                 URL: https://jira.codehaus.org/browse/GEOS-5060
             Project: GeoServer
          Issue Type: Bug
          Components: Security
    Affects Versions: 2.2-beta1
            Reporter: Justin Deoliveira
            Assignee: Christian Mueller
            Priority: Blocker
             Fix For: 2.2.x

Steps to reproduce.

1. Start with vanilla geoserver config and login in as admin
2. change password encoder to plain text from weak pbe on default user group service
3. save and restart geoserver
4. login as admin

Login fails because the new password encryptor is unable to handle the actual password stored on the disk which is the previously encrypted one.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://jira.codehaus.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira