Forum: Building VoltDB Clients

Post: Authentication with hashed password

Authentication with hashed password
Sabrina
Oct 16, 2015
Hello,

I'm using voltdb with a java application. I have modified the deployment.xml file, to use security and roles:

...
<security enabled="true"/>
<users>
<user name="sandra"
password="sandra"
roles="read_role" />
<user name="nicole"
password="nicole"
roles="write_role" />
<user name="sys-admin"
password="sys-admin"
roles="administrator" />

</users>
...

In the java application I modified the code, to use username/password:
...
org.voltdb.client.Client client = null;

ClientConfig config = null;
config = new ClientConfig("sys-admin","sys-admin");
...

Two questions arises:
1) Why are the passwords stored in clear text on the server? Is there any possibility to hash the password?
2) In the wireshark trace I cannot read the password - so there must be a form of hashing ... do you send username / hashed password to the server? In the trace I cannot identify a hash:

...;......database... sys-admin.(...J}{.T....{.V.........aA...!...=.................Pry.t........5.6_voltdb-5.6-0-g3743684-local...&....
@Subscribe.......... ....TOPOLOGY...(.....@Statistics.......... ....TOPO........,.....@SystemCatalog.......... ...
PROCEDURES........ DeleteAll...................................L.....................6...... . ...
PROCEDURE_CAT....PROCEDURE_SCHEM....PROCEDURE_NAME... RESERVED1... RESERVED2... RESERVED3....REMARKS....PROCEDURE_TYPE...
SPECIFIC_NAME...-................CUSTOMER.delete...............[{"partitionParameter":0,"partitionParameterType":5,"readOnly":false,"singlePartition":true}......CUSTOMER.delete................CUSTOMER.insert...............[{"partitionParameter":2,"partitionParameterType"
...

Best regards,
Sabrina
pzhao
Oct 19, 2015
Sabrina,
Here's a summary of the answers from Slack.
VoltDB uses SHA256 as of V5.3 and there's no encryption between VoltDB servers. To hash a password, please try 'voltdb mask'.
Peter Zhao