Return-Path: 
 <dev-return-41158-apmail-directory-dev-archive=directory.apache.org@directory.apache.org>
X-Original-To: apmail-directory-dev-archive@www.apache.org
Delivered-To: apmail-directory-dev-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 72866D038
	for <apmail-directory-dev-archive@www.apache.org>;
 Tue, 10 Jul 2012 12:17:20 +0000 (UTC)
Received: (qmail 18078 invoked by uid 500); 10 Jul 2012 12:17:20 -0000
Delivered-To: apmail-directory-dev-archive@directory.apache.org
Received: (qmail 17815 invoked by uid 500); 10 Jul 2012 12:17:18 -0000
Mailing-List: contact dev-help@directory.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@directory.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@directory.apache.org>
List-Post: <mailto:dev@directory.apache.org>
List-Id: <dev.directory.apache.org>
Reply-To: "Apache Directory Developers List" <dev@directory.apache.org>
Delivered-To: mailing list dev@directory.apache.org
Received: (qmail 17711 invoked by uid 99); 10 Jul 2012 12:17:16 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 10 Jul 2012 12:17:16 +0000
X-ASF-Spam-Status: No, hits=-0.7 required=5.0
	tests=RCVD_IN_DNSWL_LOW,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (nike.apache.org: domain of pajbam@gmail.com designates
 74.125.82.44 as permitted sender)
Received: from [74.125.82.44] (HELO mail-wg0-f44.google.com) (74.125.82.44)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 10 Jul 2012 12:17:07 +0000
Received: by wgbdr13 with SMTP id dr13so12449090wgb.1
        for <dev@directory.apache.org>; Tue, 10 Jul 2012 05:16:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=sender:content-type:mime-version:subject:from:in-reply-to:date
         :content-transfer-encoding:message-id:references:to:x-mailer;
        bh=/9fVlE/9tn9JUkZpZRxL2VSvdnqiEYzX43QXq1h9Z8A=;
        b=S/6Qkxc6d6CxFSDAZAeFlu7Eh9tinmJ4vKWqongiu5TpnA6Coy3RQKNnl3A32xiw4O
         F68rBw5h1cyskPG/f70NiuoudyPvkuDamOHSMvvPSv//MqWo1BKxaiWJxnlTzLUJb5rt
         ufLp4Dq0dhFE+DUiGpbhEwLv4BDq+AIlyC6AS+aeM2yuHKJC+uSAJ9eWbOsWCdyB8Z62
         GB0qgwO3QGKB2S3UTQ3Pcl52CmeeLtvOu2CmONmvZggo8tk11PFEMl/Oj4ij2BGQAiDJ
         2G7IHFBfdxPu+s5tQdrXNj9CPB3w+ALCxeuiQhLziWuPyn2OGRBs9h0q8o8ny4XUhwz/
         tkqg==
Received: by 10.180.79.69 with SMTP id h5mr23808041wix.6.1341922607522;
        Tue, 10 Jul 2012 05:16:47 -0700 (PDT)
Received: from [192.168.0.12] (lon92-10-78-226-4-211.fbx.proxad.net.
 [78.226.4.211])
        by mx.google.com with ESMTPS id k20sm836910wiv.11.2012.07.10.05.16.46
        (version=TLSv1/SSLv3 cipher=OTHER);
        Tue, 10 Jul 2012 05:16:47 -0700 (PDT)
Sender: Pierre-Arnaud Marcelot <pajbam@gmail.com>
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Apple Message framework v1278)
Subject: Re: ApacheDS - DIGEST-MD5 - INVALID_CREDENTIALS: DIGEST-MD5: cannot
 acquire password
From: Pierre-Arnaud Marcelot <pa@marcelot.net>
In-Reply-To: <34139016.post@talk.nabble.com>
Date: Tue, 10 Jul 2012 14:16:45 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <C12791D2-DCAA-4AA2-AAF3-1B879357FC3A@marcelot.net>
References: <34132601.post@talk.nabble.com>
 <CABzFU-d-=+EFSB9z+EhHWGmUu6GtMZTKnnxUF-N9=5rLy1pOqg@mail.gmail.com>
 <34132739.post@talk.nabble.com> <34138828.post@talk.nabble.com>
 <9A66C8A2-5BE1-4405-B2C2-F7FBA6240B97@marcelot.net>
 <34138947.post@talk.nabble.com> <34139016.post@talk.nabble.com>
To: "Apache Directory Developers List" <dev@directory.apache.org>
X-Mailer: Apple Mail (2.1278)

Cool.

Let us know if you have any other issue.

Regards,
Pierre-Arnaud

On 10 juil. 2012, at 12:50, rJassal wrote:

>=20
> Its working.
> I have to update the value for ads-searchBaseDN
>=20
>=20
> rJassal wrote:
>>=20
>> Hi Pierre-Arnaud ,
>>=20
>> Thanks for the reply.
>> Now ApacheDS is accepting the plain text password.
>>=20
>> But still I am getting the error using the code I posted above. If
>> possible can you please let me know what is wrong with that code.
>> Thanks in advance.
>>=20
>>=20
>>=20
>> Pierre-Arnaud Marcelot-2 wrote:
>>>=20
>>> Here's the procedure for ApacheDS 2.0.0-M7.
>>>=20
>>> You should deactivate the Password Hashing interceptor and the =
Password
>>> Policy.
>>>=20
>>> To do so, you need to switch the 'enabled' attribute to 'false' on =
both
>>> entries:
>>> -
>>> =
ads-interceptorId=3DpasswordHashingInterceptor,ou=3Dinterceptors,ads-direc=
toryServiceId=3Ddefault,ou=3Dconfig
>>> -
>>> =
ads-pwdId=3Ddefault,ou=3DpasswordPolicies,ads-interceptorId=3Dauthenticati=
onInterceptor,ou=3Dinterceptors,ads-directoryServiceId=3Ddefault,ou=3Dconf=
ig
>>>=20
>>> Then, you need to restart the server.
>>>=20
>>> ApacheDS should accept plain text password from now on.
>>>=20
>>> Regards,
>>> Pierre-Arnaud
>>>=20
>>> On 10 juil. 2012, at 12:08, rJassal wrote:
>>>=20
>>>>=20
>>>> Any pointer for this.
>>>> I tried with Apaches 1.5.7 and getting same error.
>>>>=20
>>>>=20
>>>>=20
>>>> rJassal wrote:
>>>>>=20
>>>>> Yes, password is stored in salted-SHA hashes.(I can see this once
>>>>> connected using Apache Studio).
>>>>> But in my ldif file I provided the password as plain text.
>>>>> userpassword:: secret
>>>>>=20
>>>>> Where can I configure ApachesDS not to store my password in SHA =
hashes?
>>>>>=20
>>>>>=20
>>>>> Kiran Ayyagari-2 wrote:
>>>>>>=20
>>>>>> DIGEST-MD5 requires the password to be stored in plain text in =
the
>>>>>> server.
>>>>>> check if your password is stored in plain text or not, by default
>>>>>> ApacheDS stores the
>>>>>> passwords in salted-SHA hashes
>>>>>>=20
>>>>>> On Mon, Jul 9, 2012 at 12:36 PM, rJassal
>>>>>> <jassal.ravinderjit@gmail.com>
>>>>>> wrote:
>>>>>>>=20
>>>>>>> Hi,
>>>>>>>=20
>>>>>>> I am working with ApacheDS 2.0.0-M7 release and trying to =
connect
>>>>>>> using
>>>>>>> DIGEST-MD5 mechanism using the below code.
>>>>>>>=20
>>>>>>>=20
>>>>>>>       Hashtable env =3D new Hashtable();
>>>>>>>=20
>>>>>>>       env.put(Context.INITIAL_CONTEXT_FACTORY,
>>>>>>> "com.sun.jndi.ldap.LdapCtxFactory");
>>>>>>>       env.put(Context.PROVIDER_URL,
>>>>>>> "ldap://ldap.example.com:10389");
>>>>>>>=20
>>>>>>>       env.put(Context.SECURITY_PRINCIPAL, "mborn");
>>>>>>>       env.put(Context.SECURITY_CREDENTIALS, "secret");
>>>>>>>       env.put(Context.SECURITY_AUTHENTICATION, "DIGEST-MD5");
>>>>>>>       env.put( "java.naming.security.sasl.realm", "example.com" =
);
>>>>>>>=20
>>>>>>>       InitialDirContext ctx =3D new InitialDirContext(env);
>>>>>>>=20
>>>>>>> But I am getting this error 'INVALID_CREDENTIALS: DIGEST-MD5: =
cannot
>>>>>>> acquire
>>>>>>> password'.
>>>>>>>=20
>>>>>>> Can anyone please help me in this?
>>>>>>> Am I doing something wrong in the code or do I need to make some
>>>>>>> configuration changes in ApacheDS?
>>>>>>> --
>>>>>>> View this message in context:
>>>>>>> =
http://old.nabble.com/ApacheDS---DIGEST-MD5---INVALID_CREDENTIALS%3A-DIGES=
T-MD5%3A-cannot-acquire-password-tp34132601p34132601.html
>>>>>>> Sent from the Apache Directory Project mailing list archive at
>>>>>>> Nabble.com.
>>>>>>>=20
>>>>>>=20
>>>>>>=20
>>>>>>=20
>>>>>> --=20
>>>>>> Kiran Ayyagari
>>>>>>=20
>>>>>>=20
>>>>>=20
>>>>>=20
>>>>=20
>>>> --=20
>>>> View this message in context:
>>>> =
http://old.nabble.com/ApacheDS---DIGEST-MD5---INVALID_CREDENTIALS%3A-DIGES=
T-MD5%3A-cannot-acquire-password-tp34132601p34138828.html
>>>> Sent from the Apache Directory Project mailing list archive at
>>>> Nabble.com.
>>>>=20
>>>=20
>>>=20
>>>=20
>>=20
>>=20
>=20
> --=20
> View this message in context: =
http://old.nabble.com/ApacheDS---DIGEST-MD5---INVALID_CREDENTIALS%3A-DIGES=
T-MD5%3A-cannot-acquire-password-tp34132601p34139016.html
> Sent from the Apache Directory Project mailing list archive at =
Nabble.com.
>=20