You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-user@james.apache.org by Erik Beijnoff <er...@addsystems.com> on 2003/12/01 16:09:48 UTC
Problem with trimmed SHA stored passwords in database
Hello. I'm using James connected to a SQL Server, storing the users in a
table. I'm having a trimming problem with the password hash generated
by James. After adding a user with telnet with the password "testing",
the key below is stored in the db:
3HJK8Y+91OWRifX+dopfgxFS
However, when I generate the password directly from code, I get a
slightly longer hash:
3HJK8Y+91OWRifX+dopfgxFScFA=
As you can see, the last few characters generated from my own code is
cropped in the password generated by James. This means that I'm having a
bit of a problem adding users with anything else then James and telnet.
Any idea why this occurrs and how to solve it?
Regards Erik Beijnoff
Password generating code below:
-----------------------------------------------------------------------
String hashThis= "testing";
try {
byte[] bytes= hashThis.getBytes("UTF-8");
java.security.MessageDigest messageDigest=
java.security.MessageDigest.getInstance("SHA");
messageDigest.update(bytes);
byte[] raw= messageDigest.digest();
String hash = (new sun.misc.BASE64Encoder()).encode(raw);
System.out.println("Result:" + hash);
} catch (java.security.NoSuchAlgorithmException ne) {
//
} catch (java.io.UnsupportedEncodingException ue) {
//
}
-----------------------------------------------------------------------
RE: Problem with trimmed SHA stored passwords in database
Posted by Erik Beijnoff <er...@beijnoff.com>.
Thank you. Sorry for the double post.
Regards Erik Beijnoff
-----Ursprungligt meddelande-----
Från: Noel J. Bergman [mailto:noel@devtech.com]
Skickat: 01 December 2003 17:01
Till: James Users List
Ämne: RE: Problem with trimmed SHA stored passwords in database
> I'm having a trimming problem with the password hash generated by
> James.
> when I generate the password directly from code
Here is what James uses:
http://cvs.apache.org/viewcvs/james-server/src/java/org/apache/james/sec
urit
y/DigestUtil.java?annotate=1.6.4.2
The password code starts on line 183. The class has a main, and you can
run it standalone.
--- Noel
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
RE: Problem with trimmed SHA stored passwords in database
Posted by "Noel J. Bergman" <no...@devtech.com>.
> I'm having a trimming problem with the password hash generated
> by James.
> when I generate the password directly from code
Here is what James uses:
http://cvs.apache.org/viewcvs/james-server/src/java/org/apache/james/securit
y/DigestUtil.java?annotate=1.6.4.2
The password code starts on line 183. The class has a main, and you can run
it standalone.
--- Noel
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org