Bureaucrats, editor, reviewer, Administrators
13,550
edits
Changes
Jump to navigation
Jump to search
{{Mark|Warning}}: As the available md5 hashes cannot automatically be converted to the new format, existing credentials will be ignored, and you will need to recreate your user data. Moreover, we will incrementally provide new [[Clients|Language Bindings]], which will be based on the digest hashes.
no edit summary
Both local and global permissions are stored in the same file. '''Glob patterns''' are used for local database permissions. '''Salted sha256''' hashes are used for authentication (the current timestamp will be used as salt). Additionally, '''digest''' hashes are used in the client/server architecture and the [[Clients|Language Bindings]], and in the [[Web Application|HTTP Context]] if the [[Options#AUTHMETHOD|AUTHMETHOD]] is set to {{Code|Digest}}.
Please take care of usual security measures: ensure that your password will not end up in your bash history, avoid sending passwords via ordinary REST requests, etc.
