[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: opeldap back-sql oracle with password-hash MD5 enabled
- To: openldap-software@openldap.org
- Subject: Re: opeldap back-sql oracle with password-hash MD5 enabled
- From: Nikethan Nagula Raja <nikethan@us-buxton.com>
- Date: Tue, 9 Feb 2010 10:43:43 -0800
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:in-reply-to :references:date:x-google-sender-auth:message-id:subject:from:to :content-type:content-transfer-encoding; bh=vaMzmCegdppFHAEO37LEcBjSJcCmPwp8ruo3pvZfIdw=; b=kqBc933FDM7V8ShqJhHAi6X69VGxVFzwmPz5FfkABR0OqajgJwclXZP5XDlKRt127D 9bAMRd85sKrnxX/6VGDU/FKSjoA6MDuIjlM7YFfJgUBQjEbPU1gcmcUbfvUPQ7zxhZne F9nbQjFNZy6itmxPKjU9bYeDJSkj1hCwyV96A=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type :content-transfer-encoding; b=m46/aAJZ83EbmZE/bRFzhfVcqTHFQM2e+uA6uJ1hDZq7phbwJ+m4uuwJRMzOrz+TgX q9z22OJxB0s88lRqLJc56Po9uQR88vUmLvPg3ODu0wkJqE5mzAYpqN/wSglxVBIX4FTm qdj5r8ztPRFjarzFzbJL8NA2aPwQIwXCd8OuM=
- In-reply-to: <201002091220.38154.bgmilne@staff.telkomsa.net>
- References: <236905e71002042058y73019f5cjfe9a88312f36f22f@mail.gmail.com> <201002091220.38154.bgmilne@staff.telkomsa.net>
I was using oracle dbms_obfuscation_toolkit.md5 to generate the
password hash as my back-end is oracle. When I tried to generate the
hash using slappasswd and store it in userPassword, it works fine.
Now I need to understand why the hash generated by oracle
dbms_obfuscation_toolkit.md5 is different from slappasswd.
select md5_hash('123456') dual;
E10ADC3949BA59ABBE56E057F20F883E
CREATE OR REPLACE FUNCTION MD5_HASH (v_input_string in varchar2)
RETURN VARCHAR2 IS
v_checksum VARCHAR2(20);
BEGIN
v_checksum := dbms_obfuscation_toolkit.md5 (input_string => v_input_string);
RETURN utl_raw.cast_to_raw(v_checksum);
END;
/
Thanks a lot for pointing me right direction.
-Nikethan
On Tue, Feb 9, 2010 at 3:20 AM, Buchan Milne <bgmilne@staff.telkomsa.net> wrote:
> On Friday, 5 February 2010 05:58:01 Nikethan Nagula Raja wrote:
>> All,
>>
>> We are implementing openldap using oralce as backend and every thing
>> is up and running fine with out any issues. Now we have an
>> additional requirement to hash the cleartext passwords in oracle
>> database for ldap users. Now instead of storing cleartext passwords,
>> I'm storing passwords in the same database column but prefix of the
>> schema in braces and MD5 hash value.
>>
>> Lets say if we have a user - jsmith with password 123456
>>
>> I would store the {MD5}e10adc3949ba59abbe56e057f20f883e in the
>> database column (userPassword).
>
> How did you come to this format?
>
> Surely you should use the same format OpenLDAP generates (e.g. slappasswd -h
> {MD5}), e.g.:
>
> $ /usr/sbin/slappasswd -h {MD5} -s 123456
> {MD5}4QrcOUm6Wau+VuBX8g+IPg==
>
>
> Regards,
> Buchan
>
--
Thanks,
Nikethan
312 953 7538