You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@cloudstack.apache.org by Ian Duffy <ia...@ianduffy.ie> on 2013/06/21 11:38:41 UTC

[GSoC] Encrypted passwords on LDAP.

Hi Guys,

I'm using JNDI to connect to LDAP for user authentication. At the
moment I'm just testing against an OpenLDAP server.

I have my Context.SECURITY_AUTHENTICATION set to simple, however when
some password encryption are used within LDAP it fails. Any idea how
to solve this?

clear - works
blowfish - fails
crypt - works
ext_des - works
md5 - works
k5key - fails
md5crypt - works
sha - works
smd5 - fails
ssha - works
sha512 - fails

Re: [GSoC] Encrypted passwords on LDAP.

Posted by Abhinandan Prateek <ag...@gmail.com>.

On 01-Jul-2013, at 2:57 PM, Sebastien Goasguen <ru...@gmail.com> wrote:

> On 6/21/13 11:38 AM, Ian Duffy wrote:
>> Hi Guys,
>> 
>> I'm using JNDI to connect to LDAP for user authentication. At the
>> moment I'm just testing against an OpenLDAP server.
>> 
>> I have my Context.SECURITY_AUTHENTICATION set to simple, however when
>> some password encryption are used within LDAP it fails. Any idea how
>> to solve this?
>> 
>> clear - works
>> blowfish - fails
>> crypt - works
>> ext_des - works
>> md5 - works
>> k5key - fails
>> md5crypt - works
>> sha - works
>> smd5 - fails
>> ssha - works
>> sha512 - fails
>>   
> 
> Abhi, thoughts on Ian's question here ?
> 

Me and Ian have synced on this. Though I have not much idea on this, it seems that for a particular encryption to work the system's crypt library should support it.

-abhi

Re: [GSoC] Encrypted passwords on LDAP.

Posted by Sebastien Goasguen <ru...@gmail.com>.

On 6/21/13 11:38 AM, Ian Duffy wrote:
> Hi Guys,
>
> I'm using JNDI to connect to LDAP for user authentication. At the
> moment I'm just testing against an OpenLDAP server.
>
> I have my Context.SECURITY_AUTHENTICATION set to simple, however when
> some password encryption are used within LDAP it fails. Any idea how
> to solve this?
>
> clear - works
> blowfish - fails
> crypt - works
> ext_des - works
> md5 - works
> k5key - fails
> md5crypt - works
> sha - works
> smd5 - fails
> ssha - works
> sha512 - fails
>    

Abhi, thoughts on Ian's question here ?

thanks,

-sebastien