.NET Buzz Forum - WS-Security: What if you are already Hashed?

Articles |
News |
Weblogs |
Books |
Forums

Artima Forums | Articles | Weblogs | Java Answers | News

Sponsored Link •

.NET Buzz Forum
WS-Security: What if you are already Hashed?

0 replies on 1 page.

Welcome Guest
Sign In

Back to Topic List

Reply to this Topic

Search Forum

Threaded View


Previous Topic		Next Topic

Flat View: This topic has 0 replies on 1 page

Scott Watermasysk

Posts: 661
Nickname: scottwater
Registered: Aug, 2003

Scott Watermasysk is an ASP.NET developers. He wrote the .Text blog engine.

WS-Security: What if you are already Hashed?

Posted: Sep 4, 2004 1:47 PM

This post originated from an RSS feed registered with .NET Buzz by Scott Watermasysk.
Original Post: WS-Security: What if you are already Hashed? Feed Title: ScottW's ASP.NET WebLog Feed URL: /error.aspx?aspxerrorpath=/blog/rss.aspx Feed Description: ASP.NET and Blogging	Latest .NET Buzz Posts Latest .NET Buzz Posts by Scott Watermasysk Latest Posts From ScottW's ASP.NET WebLog

So I have my passwords hashed and salted like a good boy. I am trying to validate a web service user against this data store. Based on a couple good examples from Don Smith here, I quickly put together a simple UsernameTokenManager.

Now comes time to validate my password...

But as far as I can tell, there is now way to "hook" into the password validation. So unless I hash+salt my password (before WSE applies it's own hash), I am SOL.

I found a couple other's with the same issue, but no clear solution. Anyone have any ideas? I would love to take advantage of WS-Security while still obeying KISS!

It's hard to believe this is not possible. The default Whidbey providers are going to store passwords the same way, so will they be locked out as well?

Read: WS-Security: What if you are already Hashed?

Previous Topic

Next Topic


	Web Artima.com