Rudder

Thanks for the feedback ! It seems that this "basic" behavior is not yet implemented.

François, could you look into this please ?

This is indeed important. Currently, it is impossible to set passwords unless we have the cleartext password.

Just a clarification of the title: this isn't about the userManagement technique, but the builtin field type "password" in Rudder.

Should this "feature" be added in Rudder 2.8 ?

This won't be done in 2.8.0, postponed to later version

So, do we agree that this ticket is not about the password field lacking something, as it actually has a "don't touch what I get you" choice (named PLAIN), that can be used both for disabling accounts or set prehashed password, but in the missing inclusion of that choice in the technique ?

Jon, could you explain why you consider it a hack (has it was one of the intended functionnality of that choice ?)

Benoit, have an idea on that one ?

First, the problem on the User management technique has been addressed for Alex case (None as a value for the password).

The problem for "passthrough" password is still there. The only option I see (even in Rudder 3.0) is: md5, sha256 or sha512, we are missing "PLAIN".

After analysis, PLAIN is supported by Rudder. So this is because the technique has never been updated to use it.
But I would like to say that Rudder should ignore this <PASSWORDHASH> </PASSWORDHASH> entry and use all available methods instead. We should not have to update all techniques each time Rudder implements a new scheme.

I'm not retargetting to 3.1 yet, but i think we should since it should be implemented in Rudder.

In fact, the list in <PASSWORDHASH></PASSWORDHASH> was a required feature so that we could easely add or remove provided scheme.

OK, so I would say that's a bug to not have "plain" in the list (and give it an other name/description).

Removing some can be usefull, but having to add them when we want all af them is counterproductive.
Can we have a "all" keyword for this field ?