[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: opeldap back-sql oracle with password-hash MD5 enabled

I was using oracle dbms_obfuscation_toolkit.md5 to generate the
password hash as my back-end is oracle. When I tried to generate the
hash using slappasswd and store it in userPassword, it works fine.

Now  I need to understand why the hash generated by oracle
dbms_obfuscation_toolkit.md5 is different from slappasswd.

select  md5_hash('123456') dual;


CREATE OR REPLACE FUNCTION MD5_HASH (v_input_string in varchar2)
    v_checksum VARCHAR2(20);
   v_checksum := dbms_obfuscation_toolkit.md5 (input_string => v_input_string);
   RETURN utl_raw.cast_to_raw(v_checksum);

Thanks a lot for pointing me right direction.


On Tue, Feb 9, 2010 at 3:20 AM, Buchan Milne <bgmilne@staff.telkomsa.net> wrote:
> On Friday, 5 February 2010 05:58:01 Nikethan Nagula Raja wrote:
>> All,
>> We are implementing openldap using oralce as backend and every thing
>> is up and running fine  with out any issues.  Now we have an
>> additional requirement to hash  the cleartext passwords in oracle
>> database for ldap users. Now instead of storing cleartext passwords,
>> I'm storing passwords in the same  database column but prefix of the
>> schema in braces and MD5 hash value.
>> Lets say if we have a user - jsmith with password 123456
>> I would store the {MD5}e10adc3949ba59abbe56e057f20f883e     in  the
>> database column (userPassword).
> How did you come to this format?
> Surely you should use the same format OpenLDAP generates (e.g. slappasswd -h
> {MD5}), e.g.:
> $ /usr/sbin/slappasswd -h {MD5} -s 123456
> {MD5}4QrcOUm6Wau+VuBX8g+IPg==
> Regards,
> Buchan


312 953 7538