qpid-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob Godfrey <rob.j.godf...@gmail.com>
Subject Re: [Qpid Java Broker] Generate SHA-256 password
Date Fri, 03 Feb 2017 15:32:32 GMT
Note that the value in the config file is not simply the hashed password...
it is

<salt>,,<StoredKey>,<ServerKey>,<iteration count>

where the ServerKey and StoredKey are as defined in the SCRAM-* RFC (
https://tools.ietf.org/html/rfc5802).

So the easiest may just be to create a standalone program taking the code
from AbstractScramAuthenticationManager.java (see the method
createStoredPassword(String password) )

-- Rob

On 3 February 2017 at 16:15, Rob Godfrey <rob.j.godfrey@gmail.com> wrote:

> I presume you are referring to the SCRAM-SHA256 authentication provider?
>
> We don't currently have a utility for it, but you could simply take the
> code that generates the entries and put it into a standalone program.  I
> don't know if there are any other tools out there that will also generate
> the hash value - the SCRAM-SHA256 mechanism is a standard, so it's possible
> there is something out there that will do this for you already
>
> -- Rob
>
> On 3 February 2017 at 16:00, Vavricka <vavricka.tomas@gmail.com> wrote:
>
>> Hi,
>>
>>  I would like to ask If there is possibility to generate SHA-256 hash for
>> password by external program and then paste it to config.json file?
>>
>>  Vavricka
>>
>>
>>
>> --
>> View this message in context: http://qpid.2158936.n2.nabble.
>> com/Qpid-Java-Broker-Generate-SHA-256-password-tp7658669.html
>> Sent from the Apache Qpid users mailing list archive at Nabble.com.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
>> For additional commands, e-mail: users-help@qpid.apache.org
>>
>>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message