Setting SSHA password in LDAP from Spring

Question

Setting SSHA password in LDAP from Spring

I'm having problems with how to save a password in Apache DS LDAP in an SSHA hash instead of plain text. As far as I can tell, the right way to do this is to configure Apache DS to use SSHA to store passwords, and then send only plain text when setting up the password. However, I cannot decide how to configure Apache DS for this.

I moved the Hashed password to LDAP (using the admin interface for LDAP), and Apache DS correctly authenticates against the correct password. However, I need to insert a password from our Java application. This may not be an unusual request, so I have to miss something.

Here is my code to set a password from java using the LdapTemplate interface from org.springframework.ldap.core

public void storeNewPassword(final String userId, final String password) {

    final DistinguishedName dn = new DistinguishedName("dc=users,dc=pms,dc=com");
    dn.add("uid", userId);

    Attribute pass = new BasicAttribute("userpassword", password);

    final ModificationItem mi = new ModificationItem(
        DirContext.REPLACE_ATTRIBUTE,
        pass);
    ldapTemplate.modifyAttributes(dn, new ModificationItem[] {mi});

}

, Apache DS, , :

, - , , , Apache DS SSHA .

+4

java spring security ldap apacheds

Ken 26 . '13 15:17

1

user1907906 · Answer 1 · 2014-02-19T15:36:07+0000

, , . .

MD5, :

import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.digest.DigestUtils;

public class PasswordUtil {
  public String hashAndEncodePassword(String password) {
    final byte[] md5 = DigestUtils.md5(password.trim().getBytes("UTF-8"));
    final byte[] base64 = Base64.encodeBase64(md5);
    final String hashedAndEncoded = new String(base64, "ASCII");
    return "{MD5}" + hashedAndEncoded;
  }
}

, DigestUtils.md5 .

, {SSHA}, .

Setting SSHA password in LDAP from Spring

More articles: