directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pierre-Arnaud Marcelot ...@marcelot.net>
Subject Re: ApacheDS - DIGEST-MD5 - INVALID_CREDENTIALS: DIGEST-MD5: cannot acquire password
Date Tue, 10 Jul 2012 12:16:45 GMT
Cool.

Let us know if you have any other issue.

Regards,
Pierre-Arnaud

On 10 juil. 2012, at 12:50, rJassal wrote:

> 
> Its working.
> I have to update the value for ads-searchBaseDN
> 
> 
> rJassal wrote:
>> 
>> Hi Pierre-Arnaud ,
>> 
>> Thanks for the reply.
>> Now ApacheDS is accepting the plain text password.
>> 
>> But still I am getting the error using the code I posted above. If
>> possible can you please let me know what is wrong with that code.
>> Thanks in advance.
>> 
>> 
>> 
>> Pierre-Arnaud Marcelot-2 wrote:
>>> 
>>> Here's the procedure for ApacheDS 2.0.0-M7.
>>> 
>>> You should deactivate the Password Hashing interceptor and the Password
>>> Policy.
>>> 
>>> To do so, you need to switch the 'enabled' attribute to 'false' on both
>>> entries:
>>> -
>>> ads-interceptorId=passwordHashingInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
>>> -
>>> ads-pwdId=default,ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
>>> 
>>> Then, you need to restart the server.
>>> 
>>> ApacheDS should accept plain text password from now on.
>>> 
>>> Regards,
>>> Pierre-Arnaud
>>> 
>>> On 10 juil. 2012, at 12:08, rJassal wrote:
>>> 
>>>> 
>>>> Any pointer for this.
>>>> I tried with Apaches 1.5.7 and getting same error.
>>>> 
>>>> 
>>>> 
>>>> rJassal wrote:
>>>>> 
>>>>> Yes, password is stored in salted-SHA hashes.(I can see this once
>>>>> connected using Apache Studio).
>>>>> But in my ldif file I provided the password as plain text.
>>>>> userpassword:: secret
>>>>> 
>>>>> Where can I configure ApachesDS not to store my password in SHA hashes?
>>>>> 
>>>>> 
>>>>> Kiran Ayyagari-2 wrote:
>>>>>> 
>>>>>> DIGEST-MD5 requires the password to be stored in plain text in the
>>>>>> server.
>>>>>> check if your password is stored in plain text or not, by default
>>>>>> ApacheDS stores the
>>>>>> passwords in salted-SHA hashes
>>>>>> 
>>>>>> On Mon, Jul 9, 2012 at 12:36 PM, rJassal
>>>>>> <jassal.ravinderjit@gmail.com>
>>>>>> wrote:
>>>>>>> 
>>>>>>> Hi,
>>>>>>> 
>>>>>>> I am working with ApacheDS 2.0.0-M7 release and trying to connect
>>>>>>> using
>>>>>>> DIGEST-MD5 mechanism using the below code.
>>>>>>> 
>>>>>>> 
>>>>>>>       Hashtable env = new Hashtable();
>>>>>>> 
>>>>>>>       env.put(Context.INITIAL_CONTEXT_FACTORY,
>>>>>>> "com.sun.jndi.ldap.LdapCtxFactory");
>>>>>>>       env.put(Context.PROVIDER_URL,
>>>>>>> "ldap://ldap.example.com:10389");
>>>>>>> 
>>>>>>>       env.put(Context.SECURITY_PRINCIPAL, "mborn");
>>>>>>>       env.put(Context.SECURITY_CREDENTIALS, "secret");
>>>>>>>       env.put(Context.SECURITY_AUTHENTICATION, "DIGEST-MD5");
>>>>>>>       env.put( "java.naming.security.sasl.realm", "example.com"
);
>>>>>>> 
>>>>>>>       InitialDirContext ctx = new InitialDirContext(env);
>>>>>>> 
>>>>>>> But I am getting this error 'INVALID_CREDENTIALS: DIGEST-MD5:
cannot
>>>>>>> acquire
>>>>>>> password'.
>>>>>>> 
>>>>>>> Can anyone please help me in this?
>>>>>>> Am I doing something wrong in the code or do I need to make some
>>>>>>> configuration changes in ApacheDS?
>>>>>>> --
>>>>>>> View this message in context:
>>>>>>> http://old.nabble.com/ApacheDS---DIGEST-MD5---INVALID_CREDENTIALS%3A-DIGEST-MD5%3A-cannot-acquire-password-tp34132601p34132601.html
>>>>>>> Sent from the Apache Directory Project mailing list archive at
>>>>>>> Nabble.com.
>>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> -- 
>>>>>> Kiran Ayyagari
>>>>>> 
>>>>>> 
>>>>> 
>>>>> 
>>>> 
>>>> -- 
>>>> View this message in context:
>>>> http://old.nabble.com/ApacheDS---DIGEST-MD5---INVALID_CREDENTIALS%3A-DIGEST-MD5%3A-cannot-acquire-password-tp34132601p34138828.html
>>>> Sent from the Apache Directory Project mailing list archive at
>>>> Nabble.com.
>>>> 
>>> 
>>> 
>>> 
>> 
>> 
> 
> -- 
> View this message in context: http://old.nabble.com/ApacheDS---DIGEST-MD5---INVALID_CREDENTIALS%3A-DIGEST-MD5%3A-cannot-acquire-password-tp34132601p34139016.html
> Sent from the Apache Directory Project mailing list archive at Nabble.com.
> 


Mime
View raw message