go to  ForumEasy.com   
LdapPro  
 
 
   Home  |  MyForum  |  FAQ  |  Archive    You are not logged in. [Login] or [Register]  
Forum Home » SIMPLE & SASL Binding » When and Why DIGEST-MD5 Authentication Does Not Work?
Email To Friend  |   Set Alert To This Topic Rewarding Points Availabe: 0 (What's this) New Topic  |   Post Reply
Author Topic: When and Why DIGEST-MD5 Authentication Does Not Work?
lamazimagari
member
offline   
 
posts:
joined: 03/28/2013
from: Istanbul
Turkey
  posted on: 03/28/2013 08:58:48 AM    Edit  |   Quote  |   Report 
sending encrypted password to LDAP server(Active Directory 2008)
Hi everyone,

I could successfully login to AD with a clear-text password using the MD5 Digest authentication, additionally as you said before JNDI performs SASL encryption / Hash work on behalf of us, so everything works fine. However my problem is that, I want to hash my password on my own or any external device sends its passwords in encrypted form, so I must send the encrypted data to AD but it does not work when I change my password to encrypted. Is there any way to prevent JNDI to perform hashing the password?

I would greatly appreciate any help.

Thanks.

 Profile | Reply Points Earned: 0
lamazimagari
member
offline   
 
posts:
joined: 03/28/2013
from: Istanbul
Turkey
  posted on: 03/28/2013 09:11:40 AM    Edit  |   Quote  |   Report 
sending encrypted password to LDAP server(Active Directory 2008)
Hi everyone,

I could successfully login to AD with a clear-text password using the MD5 Digest authentication, additionally JNDI performs SASL encryption / Hash work on behalf of us, so everything works fine. However my problem is that, I want to hash my password on my own or any external device sends its passwords in encrypted form, so I must send the encrypted data to AD but it does not work when I change my password to encrypted. Is there any way to prevent JNDI to perform hashing the password?

" String pass = null;
MessageDigest md;
try {
md = MessageDigest.getInstance("MD5");
md.update(original.getBytes());
byte[] digest = md.digest();
StringBuffer sb = new StringBuffer();
for (byte b : digest) {
sb.append(Integer.toHexString((int) (b & 0xff)));
}
pass = sb.toString();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
Then I use this "pass" into my codes as:
env.put(Context.SECURITY_CREDENTIALS, pass );

"

I would greatly appreciate any help.

Thanks.
 Profile | Reply Points Earned: 0
lamazimagari
member
offline   
 
posts:
joined: 03/28/2013
from: Istanbul
Turkey
  posted on: 03/28/2013 09:26:55 AM    Edit  |   Quote  |   Report 
sending encrypted password to LDAP server(Active Directory 2008)
Hi everyone,

I could successfully login to AD with a clear-text password using the MD5 Digest authentication, additionally JNDI performs SASL encryption / Hash work on behalf of us, so everything works fine. However my problem is that, I want to hash my password on my own or any external device sends its passwords in encrypted form, so I must send the encrypted data to AD but it does not work when I change my password to encrypted. Is there any way to prevent JNDI to perform hashing the password?

" String pass = null;
MessageDigest md;
try {
md = MessageDigest.getInstance("MD5");
md.update(original.getBytes());
byte[] digest = md.digest();
StringBuffer sb = new StringBuffer();
for (byte b : digest) {
sb.append(Integer.toHexString((int) (b & 0xff)));
}
pass = sb.toString();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
Then I use this "pass" into my codes as:
env.put(Context.SECURITY_CREDENTIALS, pass );

"

I would greatly appreciate any help.

Thanks.
 Profile | Reply Points Earned: 0
lamazimagari
member
offline   
 
posts:
joined: 03/28/2013
from: Istanbul
Turkey
  posted on: 03/28/2013 11:13:09 AM    Edit  |   Quote  |   Report 
sending encrypted password to LDAP server(Active Directory 2008)
Hi everyone,

I could successfully login to AD with a clear-text password using the MD5 Digest authentication, additionally JNDI performs SASL encryption / Hash work on behalf of us, so everything works fine. However my problem is that, I want to hash my password on my own or any external device sends its passwords in encrypted form, so I must send the encrypted data to AD but it does not work when I change my password to encrypted. Is there any way to prevent JNDI to perform hashing the password?

" String pass = null;
MessageDigest md;
try {
md = MessageDigest.getInstance("MD5");
md.update(original.getBytes());
byte[] digest = md.digest();
StringBuffer sb = new StringBuffer();
for (byte b : digest) {
sb.append(Integer.toHexString((int) (b & 0xff)));
}
pass = sb.toString();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
Then I use this "pass" into my codes as:
env.put(Context.SECURITY_CREDENTIALS, pass );

"

I would greatly appreciate any help.

Thanks.
 Profile | Reply Points Earned: 0
Page:     1 [2]

 
Powered by ForumEasy © 2003-2005, All Rights Reserved. | Privacy Policy | Terms of Use
 
Get your own forum today. It's easy and free.