Add native salted hash support to AuthorizeIdentity/AddIdentity

[GoogleCodeExporter]

Salted password hashes are a common feature across multiple authentication 
systems. Providing support for them at the API level would be a good thing.

Proposal:

* A salt parameter can optionally be passed in to AddIdentity. In that case, 
credential will contain md5(credential:salt). The salt parameter is also added 
to a new identity column.
* When authorizing, AuthorizeIdentity checks if a salt value is present in the 
database. If so, md5(input:salt) is compared against the credential column 
instead of a direct comparison

Thoughts? Is this the right approach?

Original issue reported on code.google.com by jhurlima...@gmail.com on 16 Jun 2010 at 1:45

[GoogleCodeExporter]

Marking this as WontFix since we have a (md5 only) solution for the moment and 
implementing this would break things like the RobustMigration tool. It will 
probably be more realistic to have hard-coded support for specific hashing 
algorithms in AuthorizeIdentity rather than trying to do a universal salting 
solution.

Original comment by jhurlima...@gmail.com on 28 Jul 2010 at 11:23

• Changed state: WontFix
• Added labels: Priority-Low
• Removed labels: Priority-Medium