[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Storing of passwords
At 05:45 AM 5/18/01, Jakob Breivik Grimstveit wrote:
>I'm using some Javacode for generation LDAP passwords.
If you are storing RFC 2256 userPassword values, a portable
client should just provide the password in cleartext or, if
the server supports it, use the modify password extended
operation (RFC 3060] to change the password.
If you really must implement RFC 2307 (experimental) passwords
in your client, I suggest you look at the FAQ and documents
it links for examples.
http://www.openldap.org/faq/index.cgi?file=419
This Netscape technote is also quite useful (and is noted in our
FAQ):
http://developer.netscape.com:80/docs/technote/ldap/pass_sha.html
In looking at your code, it seems you have not base64 encoded
the SHA-1 hash.
Kurt
>Is this code
>sufficient? Or is there anything else I've got to do?
>
>There seems to be some differences in the way the passwords are stored,
>using an LDAPbrowser compared with my java code.
>
>private String encryptPassword(String toEncrypt) {
> byte[] hash=toEncrypt.getBytes();
>
> try {
> MessageDigest sha = MessageDigest.getInstance ("SHA");
> sha.update(toEncrypt.getBytes());
> toEncrypt=new String(sha.digest());
> } catch (NoSuchAlgorithmException nsae) {
> System.out.println("LDAPInterface | NoSuchAlgorithmException: "
>+ nsae);
> }
> return toEncrypt;
>}
>
>It returns something like 'CÀsOE}§Ïd.ËvíÇsQs"?'
>
>Is this correct? Do I have to prepend something? Is the encryption
>algorithm correct (using SHA-1)?
>
>Looking forward to some helpful replies!
>
>
>- Vyrdsamt...
>- Jakob Breivik Grimstveit, jakob@grimstveit.net, www.grimstveit.net
>- Morvikbotn 341, 5121 Ulset, tlf: 55195667, mob: 98833857
>- Applikasjonsutvikler, Reaktor AS, jakob.grimstveit@reaktor.no,
>55557484
>
>"I love deadlines. I love the whooshing noise they make as they go by."
>-Douglas Adams