From 5c4aee562b7fcb42f10aa62011e0ff6297cee867 Mon Sep 17 00:00:00 2001 From: ac2550 Date: Thu, 22 Mar 2018 17:04:06 +0100 Subject: Remove client usage of md5 Md5 usage introduce a security flow by reducing the amount of test needed for a brute force attack. Change-Id: Ifa4e6259d0a3fb06c91c03d1c67470ddd02284fc Issue-ID: CLAMP-143 Signed-off-by: ac2550 --- .../java/org/onap/clamp/clds/config/spring/CldsSecurityConfigUsers.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/main/java') diff --git a/src/main/java/org/onap/clamp/clds/config/spring/CldsSecurityConfigUsers.java b/src/main/java/org/onap/clamp/clds/config/spring/CldsSecurityConfigUsers.java index 4dff9ce1b..0f3d0d59e 100644 --- a/src/main/java/org/onap/clamp/clds/config/spring/CldsSecurityConfigUsers.java +++ b/src/main/java/org/onap/clamp/clds/config/spring/CldsSecurityConfigUsers.java @@ -130,7 +130,7 @@ public class CldsSecurityConfigUsers extends WebSecurityConfigurerAdapter { if ("bcrypt".equals(cldsEncoderMethod)) { return new BCryptPasswordEncoder(cldsBcryptEncoderStrength); } else { - throw new CldsConfigException("Invalid clamp.config.security.encoder value. Must be one of [bcrypt, none]"); + throw new CldsConfigException("Invalid clamp.config.security.encoder value. 'bcrypt' is the only option at this time."); } } } -- cgit 1.2.3-korg