Re: authentication and password saving

19 views
Skip to first unread message

Idan Shalom

unread,
Dec 13, 2017, 6:55:55 AM12/13/17
to Rajat Agrawal, rav...@googlegroups.com, Philip
community license has limit of 3 cores if you want more you will have to use other license.

Hibernating Rhinos Ltd  cid:image001.png@01CF95E2.8ED1B7D0

Idan Haim Shalom l Core Team Developer

Office: +972-4-622-7811 l Fax: +972-153-4-622-7811 l Skype: shalomidanhaim

RavenDB paving the way to "Data Made Simplehttp://ravendb.net


On Wed, Dec 13, 2017 at 1:11 PM, Rajat Agrawal <ragr...@flo.us.com> wrote:

Hello Idan,

 

When running RavenDB in cluster mode with community license I am getting an error message saying “The number of utilized cores is: 4, while the license limit is: 3 cores

I am running RavenDB nightly version - RavenDB-4.0.0-nightly-20171213-0814-windows-x64

PFA the error screenshot for reference.

 

-- 

Thanks & Regards,

Rajat Agrawal

Technical Architect|9818366173 |ragrawal@flo.us.com

 "Think Positive And Positive things

                  Will Happen"

 

From: Idan Shalom [mailto:id...@ayende.com]
Sent: 13 December 2017 14:57
To: rav...@googlegroups.com; Philip <pkr...@flo.us.com>; Rajat Agrawal <ragr...@flo.us.com>
Subject: authentication and password saving

 

Hi all, 

Continue our conversation I am sending all the information that you need.

 

How to put certificate in client api:

var path = "c:/server.pfx";
var cert = new X509Certificate2(path, "password if exists");
var cert2 = new X509Certificate2(path);
using (var store = new DocumentStore
{
    Urls = new []{"URL"},
    Database = "test",
    Certificate = cert2
}.Initialize())

 

Create a salt password and save it in raven

 

// We create the password from the user
Rfc2898DeriveBytes pkbdf2 = new Rfc2898DeriveBytes("ayende", 20, 1024);
var hash = pkbdf2.GetBytes(20);
var saltToSave = Convert.ToBase64String(pkbdf2.Salt);
var HashToSave = Convert.ToBase64String(hash);
you will have to save the salt and the hash in the database
you can save it inside the users structure or create a new database only for this 
information just remember not to fetch those fields only when you check them

 

Check the password when login

 

ar salt = Convert.FromBase64String("PUT HERE THE SALT FROM THE DB");
var hash = Convert.FromBase64String("PUT HERE THE HASH YOU GOT FROM THE DB");
 
Rfc2898DeriveBytes pkbdf2 = new Rfc2898DeriveBytes("ayende", salt, 1024);
var genHash = pkbdf2.GetBytes(20);
 
bool equal = true;// slow equals on purpose
for (int i = 0; i < genHash.Length; i++)
{
    equal &= genHash[i] == hash[i];
}
 
 Console.WriteLine("Match: " + equal);

 

Like I told you for extra security you can try and use the encrypt database

and I will send you a documentation as soon as this will be ready

 

Regards,

 

 


Hibernating Rhinos Ltd  cid:image001.png@01CF95E2.8ED1B7D0

Idan Haim Shalom l Core Team Developer

Office: +972-4-622-7811 l Fax: +972-153-4-622-7811 l Skype: shalomidanhaim

RavenDB paving the way to "Data Made Simplehttp://ravendb.net


Reply all
Reply to author
Forward
0 new messages