Announcement Announcement Module
Collapse
No announcement yet.
How to store an encrypted password to ldap Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • How to store an encrypted password to ldap

    Hello Everybody

    I want to save a SHA-Encrypted password into a ldap database.
    The problem is, that after I updated the new password, the user can't login anymore! How I have to save the password to the ldap database?

    What I do:
    Before saving the User to the ldap I encrypt the Passwort to a SHA string.
    When I look into the LDAP-Database the user have the correct SHA string in BASE64.
    When I try to login always get the error Bad Credentials.

    When I change the password with a external tool the login works.

  • #2
    I found a solution
    You have to encrypt your password like this:
    public static byte[] encodePassword(String password) {
    MessageDigest md;
    StringBuffer hexString = new StringBuffer();

    try {
    md = MessageDigest.getInstance(SHA);
    } catch (NoSuchAlgorithmException e) {
    log.error("Unexpected error encoding password ", e);
    e.printStackTrace();
    return new byte[0];
    }
    hexString.append("{" + SHA + "}");

    md.reset();
    try {
    md.update(password.getBytes("UTF-8"));
    } catch (UnsupportedEncodingException e) {
    log.error("Unexpected error encoding password ", e);
    e.printStackTrace();
    return new byte[0];
    }

    byte[] buff = md.digest();
    hexString.append(CBBase64.binaryToString(buff));
    try {
    return hexString.toString().getBytes("UTF-8");
    } catch (UnsupportedEncodingException e) {
    log.error("Unexpected error encoding password ", e);
    e.printStackTrace();
    return new byte[0];
    }
    }
    The CBBase64 Class can be found here:
    http://jxplorer.svn.sourceforge.net/...ommons/cbutil/

    Comment

    Working...
    X