directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kiran Ayyagari <kayyag...@apache.org>
Subject Re: Retrieving Salts
Date Wed, 12 Dec 2012 03:09:42 GMT
this is indeed the case, one can use the PasswordUtil's methods if needed
for retrieving various parts
of a hash

[1]
http://svn.apache.org/viewvc/directory/shared/trunk/ldap/model/src/main/java/org/apache/directory/shared/ldap/model/password/PasswordUtil.java?view=markup

On Tue, Dec 11, 2012 at 11:58 PM, Linus van Geuns <linus@vangeuns.name>wrote:

> Hey,
>
> I cannot speak from experience with salted userPassword values of ApacheDS,
> but usually they are stored within the attribute userPassword itself.
> Format:
> userPassword: { <algorithm> } <salt> <hash>
>
> e.g. for password "test123":
> userPassword: {SSHA}e8wXXTVuvS5IPd0tueLHnrWYrgJZtL1j
>
> The presence and length of the salt and the length of the hash depend on
> the chosen algorithm.
>
> Regards, Linus
>
>
> On Tue, Dec 11, 2012 at 7:17 PM, Kevin Hamilton <khamilton@umem.org>
> wrote:
>
> > Hello,
> >
> > I use the SSHA512 Hashing Interceptor to store passwords. I was wondering
> > if there is any way to retrieve these salts after the fact. Where are
> they
> > stored?
> >
> > Thanks,
> > Kevin
> >
>
>
>
> --
> Linus van Geuns
> IT-Dienstleistungen
>
> Telefon: +49 179 7700683
> E-Mail: <linus@vangeuns.name>
>
> Gartenstr. 56a
> 76133 Karlsruhe
>



-- 
Kiran Ayyagari
http://keydap.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message