directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pierre-Arnaud Marcelot ...@marcelot.net>
Subject Re: ApacheDS - DIGEST-MD5 - INVALID_CREDENTIALS: DIGEST-MD5: cannot acquire password
Date Tue, 10 Jul 2012 10:22:28 GMT
Here's the procedure for ApacheDS 2.0.0-M7.

You should deactivate the Password Hashing interceptor and the Password Policy.

To do so, you need to switch the 'enabled' attribute to 'false' on both entries:
- ads-interceptorId=passwordHashingInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
- ads-pwdId=default,ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config

Then, you need to restart the server.

ApacheDS should accept plain text password from now on.

Regards,
Pierre-Arnaud

On 10 juil. 2012, at 12:08, rJassal wrote:

> 
> Any pointer for this.
> I tried with Apaches 1.5.7 and getting same error.
> 
> 
> 
> rJassal wrote:
>> 
>> Yes, password is stored in salted-SHA hashes.(I can see this once
>> connected using Apache Studio).
>> But in my ldif file I provided the password as plain text.
>> userpassword:: secret
>> 
>> Where can I configure ApachesDS not to store my password in SHA hashes?
>> 
>> 
>> Kiran Ayyagari-2 wrote:
>>> 
>>> DIGEST-MD5 requires the password to be stored in plain text in the
>>> server.
>>> check if your password is stored in plain text or not, by default
>>> ApacheDS stores the
>>> passwords in salted-SHA hashes
>>> 
>>> On Mon, Jul 9, 2012 at 12:36 PM, rJassal <jassal.ravinderjit@gmail.com>
>>> wrote:
>>>> 
>>>> Hi,
>>>> 
>>>> I am working with ApacheDS 2.0.0-M7 release and trying to connect using
>>>> DIGEST-MD5 mechanism using the below code.
>>>> 
>>>> 
>>>>        Hashtable env = new Hashtable();
>>>> 
>>>>        env.put(Context.INITIAL_CONTEXT_FACTORY,
>>>> "com.sun.jndi.ldap.LdapCtxFactory");
>>>>        env.put(Context.PROVIDER_URL, "ldap://ldap.example.com:10389");
>>>> 
>>>>        env.put(Context.SECURITY_PRINCIPAL, "mborn");
>>>>        env.put(Context.SECURITY_CREDENTIALS, "secret");
>>>>        env.put(Context.SECURITY_AUTHENTICATION, "DIGEST-MD5");
>>>>        env.put( "java.naming.security.sasl.realm", "example.com" );
>>>> 
>>>>        InitialDirContext ctx = new InitialDirContext(env);
>>>> 
>>>> But I am getting this error 'INVALID_CREDENTIALS: DIGEST-MD5: cannot
>>>> acquire
>>>> password'.
>>>> 
>>>> Can anyone please help me in this?
>>>> Am I doing something wrong in the code or do I need to make some
>>>> configuration changes in ApacheDS?
>>>> --
>>>> View this message in context:
>>>> http://old.nabble.com/ApacheDS---DIGEST-MD5---INVALID_CREDENTIALS%3A-DIGEST-MD5%3A-cannot-acquire-password-tp34132601p34132601.html
>>>> Sent from the Apache Directory Project mailing list archive at
>>>> Nabble.com.
>>>> 
>>> 
>>> 
>>> 
>>> -- 
>>> Kiran Ayyagari
>>> 
>>> 
>> 
>> 
> 
> -- 
> View this message in context: http://old.nabble.com/ApacheDS---DIGEST-MD5---INVALID_CREDENTIALS%3A-DIGEST-MD5%3A-cannot-acquire-password-tp34132601p34138828.html
> Sent from the Apache Directory Project mailing list archive at Nabble.com.
> 


Mime
View raw message