Thanks to Adaxa Australia -> http://adempiere.hg.sourceforge.net/hgweb/adempiere/contribution_adaxa/rev/6d9090d8a9f6
Ken Longnan for iDempiere integration work at -> https://bitbucket.org/longnan/idempiere-longnan
Juliana Corredor for further integration and tests on iDempiere and making the process safer and backward compatible via sysconfig
Carlos Ruiz (globalqss) peer reviewed, tested and finished some extra required
Sponsored by Trek Global -> http://www.trekglobal.com/
Implementation is backward compatible, by default iDempiere still uses plain passwords.
A new sysconfig system key was created USER_PASSWORD_HASH defaulting to false.
WARNING!!! Don't change this key directly, it must be changed running the process "Convert password to hashes" as System user.
Tests conducted (all passed):
backward compatibility: plain
backward compatibility: encrypted
new functionality: hash
extra security: hash+encrypted
extra security: encrypted+hash
idempiere monitor login
create new user via User window
create new user via webstore
reset password with process
reset password changing on User window
reset password changing on Contact/BP window
reset password via webstore
EXTENSIONS NOT TESTED
Those need to be checked if integrated to iDempiere
Thanks Anozi, I implemented a different solution here:
The method you proposed to change was deprecated and a different solution implemented.
We would appreciate if you help us to test the approach is right.