AnsweredAssumed Answered

How to configure Pentaho for JDBC authentication using a salt?

Question asked by Dan Keeley on Aug 28, 2018
Latest reply on Sep 13, 2018 by Dan Keeley

Hi,

 

I've got everything I need to do a simple setup of JDBC auth with Pentaho.  All our users, roles and authorities are already stored in some tables managed by an external application, so in theory it should be a quick win and mean we don't have to do any management of that side of things ourselves at all.

 

My only issue is that the password is hashed with a salt, which is stored on the user record.  Pretty normal behaviour.

 

I see you can support this in Spring using reflection but that assumes you already have your salt available in the UserDetails object. However I don't see any way to do this via configuration?

 

So; Is the only way to do this to start coding?  I see two options - extending userdetails to store the salt, or (hackier but possibly easier) creating a SaltSource that looks up the users salt from the db?

 

I got my (possibly mad) ideas from this post:

 

Adding Salt / UserDetailsManager - Spring Forum

 

Thanks,

Dan

Outcomes