HtPasswdStore and SessionStore with HtPasswdHashMethod share hash type selection option
|Reported by:||hasienda||Owned by:||hasienda|
|Severity:||major||Keywords:||auth hash htpasswd|
Upon implementing #8933 I recognized, that the hash type selection of HtPasswdStore has been reused verbatim in HtPasswdHashMethod for SessionStore.
This is insane (for defining same option twice) and troublesome for someone aiming at use of both authentication stores in parallel, because different hash types are ultimately impossible to achieve. Apparently situation is similar to the configuration option clash between both AbstractPasswordFileStore implementations (see #4677).
- has never been documented (most probably been unintended)
- is not easy to deduce from a non-developer point of view and
- contradicts the recent tendency of AcctMgr to support multiple authentication stores for store migration scenarios as well as for regular application,
it should be fixed.