PAS for OpenEdge supports the use of the extended local user accounts model, which allows you to store encrypted user passwords in the users.properties file that is local to your instance’s web application. OpenEdge 11.7 supports several hashing algorithms for password encryption: bcrypt, sha256, sha512, and sha1. However, in OpenEdge 12, the only supported algorithm is bcrypt, which is set by default. The other algorithms are not supported in OpenEdge 12.

If you encrypted passwords with sha256, sha512, or sha1 in your OpenEdge 11.7 applications, then complete the following steps to upgrade the hashing algorithm to bcrypt:

  1. Obtain the original clear-text (unencrypted) password that you encrypted with GENSPRINGPWD.
  2. Encrypt the password with GENSPRINGPWD in OpenEdge 12. This generates the encrypted password using bcrypt.
  3. Copy the encrypted password and insert it into the corresponding entry in the instance’s users.properties file.

The following is the syntax for storing passwords in the users.properties file:

username=password, role1, [role2, ..., roleN, ] { enabled | disabled }

See Local and Extended Local user accounts in Manage Progress Application Server (PAS) for OpenEdge for more information about setting the extended local user accounts model.