[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Problems coding password handling in PERL

To: Daniel Chester <dan@rentpayment.com>
Subject: Re: Problems coding password handling in PERL
From: Michael Ströder <michael@stroeder.com>
Date: Fri, 01 Jun 2001 14:10:38 +0200
Cc: Openldap-Software <openldap-software@OpenLDAP.org>
Organization: stroeder.com
References: <NEBBJAELOLPFOLEEAJJGAECNDCAA.dan@rentpayment.com>

Daniel Chester wrote:
> 
>         userPassword:: iwdMwvy4wuTFW/oPB5CPpHvRoCc=
> 
> (cleartext was 123happy)

(Reading Perl makes my eyes hurt but I try to answer your question
anyway. ;-)

Actually you stored a clear text password with binary chars. Read
RFC2307 to find out to use the prefix {SHA} followed by
base64-encoded SHA-hashed password. In LDIF your userPassword
attribute should look like:

userPassword: {SHA}iwdMwvy4wuTFW/oPB5CPpHvRoCc=
           ^^^
Note that this is *not* a base64-representation of a binary
attribute value.

http://developer.netscape.com/docs/technote/ldap/pass_sha.html even
does have Perl example.

Ciao, Michael.

Follow-Ups:
- RE: Problems coding password handling in PERL
  - From: "Daniel Chester" <dan@rentpayment.com>

References:
- Problems coding password handling in PERL
  - From: "Daniel Chester" <dan@rentpayment.com>

Prev by Date: Problems coding password handling in PERL
Next by Date: Re: delete an attribut
Index(es):
- Chronological
- Thread