Joget DX 8 Stable Released
The stable release for Joget DX 8 is now available, with a focus on UX and Governance.
...
English |
---|
The Security Enhanced Directory Manager features enhanced security and control on user management.
Once SEDM is configured, stronger password encryption for local accounts will take over. (Security Enhanced Directory Manager uses the SHA 256 encryption to store the password._ Be careful when disabling SEDM plugin, as this will cause all local passwords to be invalid. See here for Disabling Plugin Enabling PluginSimply go to System Settings -> Directory Manager Settings to enable and configure. |
...
Panel | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
| |||||||||||
Once the plugin is enabled, users' password would be stored using a new encryption method. Disabling the plugin would cause all the users not to be able to login anymore as the default encryption method is effectively changed. Security Enhanced Directory Manager uses the SHA 256 encryption to store the password. For example, the old standard encrypted hash for "User@123" is "448ddd517d3abb70045aea6929f02367" using MD5. If you then later remove/disable the SEDM plugin, the password is unchanged at SHA 256 encryption. Because the SEDM is not in play anymore, Joget is unable to authenticate the username because it is expecting the password to be the old MD5 encryption. Do note that passwords once changed to the new SHA 256 Encryption cannot be changed back to MD5. You can also run the following query to update the "dir_user" table back to the old password - An example of the SQL query is as follows:
The "5f4dcc3b5aa765d61d8327deb882cf99" value is the word "password" using the old encryption.
|
...