The passwordHasher property of the /atg/userprofiling/PropertyManager component points to a password hashing configuration utility that handles password encryption. The PasswordHasherConfigurer identifies the password hasher using the passwordKeyDerivationFunction that is identified in the pwdHasherComponentPath property in the userProfile.xml file.

The passwordHasher property of the /atg/userprofiling/PropertyManager component points to a password hasher component that handles password encryption. By default, this property is set as follows:

passwordHasher=/atg/dynamo/security/DigestPasswordHasher

Change this property to ensure consistency with the LDAP password encryption method you’ve chosen. For Oracle Directory Server, set the passwordHasher property like this:

passwordHasher=/atg/adapter/ldap/NDSPasswordHasher

The NDSPasswordHasher component supports SHA or no encryption. Set the encryption property of the /atg/adapter/ldap/NDSPasswordHasher to the appropriate value:

encryption=SHA

to use SHA password encryption, or

encryption=clearText

to disable password encryption.

For LDAP servers other than Oracle Directory Server, you may need to create your own PasswordHasher implementation, if none of the PasswordHasher implementations included in the Oracle Commerce Platform meet your requirements. See the Password Hashing section in the Customizing Application Security chapter of the Platform Programming Guide for more information.

See User Profiling Tools in the Working with User Profiles chapter for more information about configuring the PropertyManager component.