I am migrating some data from joomla based cms system to spring based Java EE environment .
During analysis I found that md5 implementation of passwords is not same as joomla ??? Any idea why difference in md5 implementation ??
For example :
if joomla record had a password field like "3c57ebfec712312f30c3fd1981979f58:WnvTroeiBmd5bjGmmsVUnNjppadH7giK
" (here 3c57ebfec712312f30c3fd1981979f58
is final md5 hash digest and WnvTroeiBmd5bjGmmsVUnNjppadH7giK
is key to be appended with user password input) and when the user tries to login with this record in spring system it fails.
In spring based Java EE system , we use hash encoder as md5 and salt as some variable which is WnvTroeiBmd5bjGmmsVUnNjppadH7giK
here.
Junit Code snippet: This test case fails.
@Test
public void testSpringMD5Functionality() {
String md5MigratedPassword = "3c57ebfec712312f30c3fd1981979f58:WnvTroeiBmd5bjGmmsVUnNjppadH7giK";
String[] m = md5MigratedPassword.split(":");
Md5PasswordEncoder passwordEncoder = new Md5PasswordEncoder();
passwordEncoder.setEncodeHashAsBase64(false);
boolean value = passwordEncoder.isPasswordValid(m[0], "password", m[1]);
assertTrue(value); //test case fails ?????
}