Authenticating the user supplied password with the password stored in the LDAP
2 posts in topic
Flat View  Flat View
Older Post First |   Reply to Topic
TOPIC ACTIONS:
 

Posted By:   krishna_moorthy
Posted On:   Wednesday, May 18, 2005 08:23 AM

I want to compare the user supplied password with the password stored in the LDAP, Basically the password stored
in LDAP is encrypted, When I search with the user id
and retrieved the password from the ldap and compared with
the user supplied password. The comparision doesnot works
say for ex
when I tried to print the password it is 3458394302
but the user supplied password is REXSSS..
Is there any way to compare the password.
I am using JNDI...

Report | Quote This | Send private message | Reply | Print

Re: Authenticating the user supplied password with the password stored in the LDAP

Posted By:   Thomas_Maier  
Posted On:   Monday, July 18, 2005 10:47 AM


You have to do a bind on the LDAP Server. Like:

...

Hashtable env = new Hashtable();

env.put(Context.INITIAL_CONTEXT_FACTORY,
	
"com.sun.jndi.ldap.LdapCtxFactory");

env.put(Context.PROVIDER_URL, "ldap://:389/");

env.put(Context.SECURITY_PRINCIPAL, loginname);

	env.put(Context.SECURITY_CREDENTIALS, password);

try {

    DirContext ctx = new InitialDirContext(env);

...

If the bind succeeds, the password is compared by the
LDAP-Server.
Report | Quote This | Send private message | Reply | Print

Re: Authenticating the user supplied password with the password stored in the LDAP

Posted By:   Christopher_Koenigsberg  
Posted On:   Saturday, May 21, 2005 06:18 PM

Sounds like 1-way encryption (really a hash). If so, you will presumably have to encrypt your copy, using the same algorithm as the LDAP database does, and then compare the 2 encrypted copies.
Report | Quote This | Send private message | Reply | Print
About | Sitemap | Contact