You are viewing a plain text version of this content. The canonical link for it is here.

Posted to server-user@james.apache.org by andy <an...@hazlorealidad.com> on 2005/06/17 07:10:53 UTC

Format of passwords in user table

I am using the database user table and want to insert a user firectly
into the table using mysql however when I insert a password using the
sha() mysql function the file shows that the SHA is much larger than
what was created by the manager program. 


| username | pwdHash                                  | pwdAlgorithm |
useForwarding | forwardDestination | useAlias | alias |
| previous | +EwURJq9UhB2bCcWq4dDiFH8                 | SHA          |
0 | NULL               |        0 |       |
| testit   | 30274c47903bd1bac7633bbf09743149ebab805f | SHA          |
0 | NULL               |        0 |       |

The user created by hand doesnt validate.

What is the format I should use to insert a user into the database?

Thanks in advance

Andy Bailey



---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org

RE: Format of passwords in user table

Posted by Jason Webb <jw...@inovem.com>.

If you look in DefaultUser.java for the method setPassword(String newPass)
you'll find 

hashedPassword = DigestUtil.digestString(newPass, algorithm);

where the algorithm is always "SHA"

So in answer to your question, use the Java SHA implementation rather than
the MySQL one. I don't know enough about SHA to tell you why they are
different.

-- Jason

> -----Original Message-----
> From: andy [mailto:andy@hazlorealidad.com]
> Sent: 17 June 2005 06:11
> To: James Users List
> Subject: Format of passwords in user table
> 
> I am using the database user table and want to insert a user firectly
> into the table using mysql however when I insert a password using the
> sha() mysql function the file shows that the SHA is much larger than
> what was created by the manager program.
> 
> 
> | username | pwdHash                                  | pwdAlgorithm |
> useForwarding | forwardDestination | useAlias | alias |
> | previous | +EwURJq9UhB2bCcWq4dDiFH8                 | SHA          |
> 0 | NULL               |        0 |       |
> | testit   | 30274c47903bd1bac7633bbf09743149ebab805f | SHA          |
> 0 | NULL               |        0 |       |
> 
> The user created by hand doesnt validate.
> 
> What is the format I should use to insert a user into the database?
> 
> Thanks in advance
> 
> Andy Bailey
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
> For additional commands, e-mail: server-user-help@james.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org