invalidHashAlgorithm!


Description

When logging in with the user the following messages appear in the log:


INFO : RMI TCP Connection(<PID>)-<IPADDRESS>: RMIServer: no-context: RMIServerImpl: invalidHashAlgorithm
WARNING: RMI TCP Connection(<PID>)-<IPADDRESS>: RMIServerService: no-context:
com.censhare.server.rmi.RMIServerException: !invalidHashAlgorithm!
at com.censhare.server.rmi.RMIServerImpl.throwLoginException(RMIServerImpl.java:742)
CODE


Cause

Starting with censhare version 5.8 a new hash-algorithm (SHA-256) is implemented to encrypt the user passwords. In some databases there are users whose passwords are still encrypted with the outdated hash-algorithm (MD5). These users cannot switch to admin mode. This is not a problem but a backward compatibility decision from development.

Solution

Re-create the user's password with the new hash algorithm. There are two ways to change the hash-algorithm:

  1. Via GUI java clients

  2. Via shell-based AdminClient (AdminClient.sh) and SQL query

GUI java client

  • Admin: Send new password to user:

    1. Log in to Admin client

    2. Go to Master Data -> Users -> Select the user

    3. Go to Server Actions -> Send new password

  • User: Login via java client and set the password using menu File -> Change password

Shell and SQL query

  1. Encrypt the password using command "digest PASSWORD"

[corpus@<server> ~]$ AdminClient.sh
Starting CoRPuS Admin Client
command: digest <testPassword>
Password digest: 7368613235363afe98d54977ead30dc278766ec6d2070a3a28ff7c8a062ba4a62068352006e7a740e170314ef2d398835a78ecb96da645a6
CODE

2. Update the user’s password in the database via SQL statement

update party set password=‘<digestedPassword>’ where login=‘<Username>’;
commit;
CODE