String encryptedPw = UsersDAO.getEncyptedPw(username_clean);
Would you like provice the package of "
I think you missed the config for passwordAsAttribute . Make sure that you have
in the configuration of org.exoplatform.services.organization.idm.PicketLinkIDMOrganizationServiceImpl
Anyway, why did you need to get back the password? For authenticate purpose, there is already authenticate method
Thanks for your answers.
@Minh: according to gatein documentation, setting passwordAsAttribute to true means that passwords are stored as plain text (not encrypted), but I want them to be encrypted in db. By the way, I need password not for auth purpose, but beacause I need to call a web service to update an exteral system.
@tung: I will try to chage (one day...now we don't have time!) that statement and see what happens.
Anyway, for now we have removed that piece of code.
You need password for authorization on called web service? If it is the case, using OAuth protocol (with GateIn as OAuth provider and the web service as OAuth consumer) enables you to call web service without having to send user password.
Actually I still don't get why you need to get the password, Andy ? For me, we should not touch to the persisted password (even with encrypted one) in most of cases.
Could you describe your usecase / need in details ? So we might provide a proper solution to solve it.
I don't want to touch the password and I don't need it for authorization.
We have a page in which we can create a new user via gatein API. The customer requirement is to send the encrypted password to another system, calling a web service (actually, i don't know why...).
So you probably need to set up passwordAsAttribute to get back the plain password and encrypt it by yourself before sending to another system if needed.
Anyway I highly recommend you to clarify the usecase with customer to find out the best solution, as it's not a normal business to touch the password in most of case.