Hey all,
I want to store passwords in a postgresql database. Currently I use the
MD5Password class below and I've been developing on windows. I ran into
problems when running my application on linux.
Linux and Windows, with same JDK's (1.5.0), create different encrypted
password strings. So when testing a password created on one platform on
the other, it will fail :(
Is there a way to make the getEncodedPassw ord method behave the same
regardless of the application being run on windows or linux? And if not,
how could I facilitate platform-independent, easy, not necesarily strong
password encryption?
Thanks in advance for any suggestions,
Ronald
--------------------------------------------------
import java.security.* ;
public class MD5Password {
public static String getEncodedPassw ord(String clearTextPasswo rd)
throws
NoSuchAlgorithm Exception {
MessageDigest md = MessageDigest.g etInstance("MD5 ");
md.update(clear TextPassword.ge tBytes());
return new String(md.diges t());
}
public static boolean testPassword(St ring clearTextTestPa ssword,
String encodedActualPa ssword) throws
NoSuchAlgorithm Exception {
String encodedTestPass word = MD5Password.get EncodedPassword (
clearTextTestPa ssword);
return (encodedTestPas sword.equals(en codedActualPass word));
}
}
--------------------------------------------------
1  12511 
Hi,
It's possible that the default character encoding is different on your
two platforms, so creating a String using the bytes output by the
MessageDigest could result in different Strings on different platforms.
To avoid this, and the possibility that whitespace at the ends of the
String could be trimmed when storing in a varchar column, I Base64
encode the bytes:
MessageDigest md = MessageDigest.g etInstance("SHA ");
md.update(clear TextPassword.ge tBytes());
return new sun.misc.BASE64 Encoder().encod e(md.digest());
Adam
Ronald Evers wrote: Hey all,
I want to store passwords in a postgresql database. Currently I use the
MD5Password class below and I've been developing on windows. I ran into
problems when running my application on linux.
Linux and Windows, with same JDK's (1.5.0), create different encrypted
password strings. So when testing a password created on one platform on
the other, it will fail :(
Is there a way to make the getEncodedPassw ord method behave the same
regardless of the application being run on windows or linux? And if not,
how could I facilitate platform-independent, easy, not necesarily strong
password encryption?
Thanks in advance for any suggestions,
Ronald
--------------------------------------------------
import java.security.* ;
public class MD5Password {
public static String getEncodedPassw ord(String clearTextPasswo rd)
throws
NoSuchAlgorithm Exception {
MessageDigest md = MessageDigest.g etInstance("MD5 ");
md.update(clear TextPassword.ge tBytes());
return new String(md.diges t());
}
public static boolean testPassword(St ring clearTextTestPa ssword,
String encodedActualPa ssword) throws
NoSuchAlgorithm Exception {
String encodedTestPass word = MD5Password.get EncodedPassword (
clearTextTestPa ssword);
return (encodedTestPas sword.equals(en codedActualPass word));
}
}
--------------------------------------------------
----== Posted via Newsfeeds.Com - Unlimited-Uncensored-Secure Usenet News==---- http://www.newsfeeds.com The #1 Newsgroup Service in the World! >100,000 Newsgroups
---= East/West-Coast Server Farms - Total Privacy via Encryption =--- This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: joltman |
last post by:
We're working on an intranet site where we will require user's to only
be able to access their own page in some instances. Rather than
introducing another password to the mix, we were thinking about seeing
if we could use the same credentials (username and password) as their
linux credentials. The web site will be running off of the same machine
that we want to access the credentials on.
Thanx!
-joltman
|
by: Tim Daneliuk |
last post by:
OK, I've Googled for this and cannot seem to quite find what I need.
So, I turn to the Gentle Geniuses here for help. Here is what I
need to do from within a script:
Given a username and a password (plain text):
1) Validate that the password is correct for that user *without actually logging in*.
2) If the password is valid, return a list of all the groups the user belongs to.
Otherwise, return some error string.
|
by: Ian Davies |
last post by:
Hello
I would like to query the user table of the mysql database from my VB
application to check that a user's password entered in a text field on a
form corresponds to that users password in the mysql database. However, when
I retreive the password using an sql statement into a recordset, it is
encrypted. How can I decrypt it so I can make the comparison.
Ian
|
by: Guadala Harry |
last post by:
What are my options for *securely* storing/retrieving the ID and password
used by an ASP.NET application for accessing a SQL Server (using SQL Server
authentication)? Please note that this ID and password would be different
than the one the user enters for ASP.NET forms authentication. The
ID/password in question is used by the application, itself, for accessing
the SQL Server.
Thanks in advance.
|
by: Cecil |
last post by:
Does this make sense for a logon table:
CREATE TABLE Logon
(
ID INT NOT NULL IDENTITY PRIMARY KEY,
name VARCHAR(15) NOT NULL,
password VARCHAR(15) NOT NULL
)
GO
CREATE UNIQUE INDEX IX_Logon_Name ON Logon(name)
| | |
by: Skeleton Man |
last post by:
Hi,
I came across the basic algorithmfor decrypting WS_FTP Pro 6 passwords as
follows, and I'm trying to reverse it to make an encryption function:
function ws_dec()
{
var str = prompt('Enter encrypted password (including PWD=):','');
var output = '';
passw=str.substring(37,str.length);
|
by: Gilles Ganault |
last post by:
Hello
I'd like to encrypt a customer's organization name to use this as
their password to launch our application, and decrypt it within our
VB5 application.
We will then use this information to print it on every page that the
application prints out. That way, even if some other user gives out
his password, it won't do any good, since the organization name will
be the original user's.
|
by: Betikci Boris |
last post by:
I get bored last night and wrote a script that uses xor for encrypt-
decrypt, however it woks fine under linux 2.6.25, text and documents
are ok, but fails on compressed files *.jpg, *.pdf , etc . I didn't
test script on windows.
Here is the code, please send me your views.
<?php
/* Mother Eye Chipper with PHP :), Licence:GPL,
|
by: Jon.Hakkinen |
last post by:
Hi all,
I'm on DB2 9.5 fp 0 on Windows.
I have a simple SQL stored procedure which uses the Encrypt() function
to insert data in a table.
I do not set the encryption password inside the procedure, I plan to
issue an Set Encryption statement at the beginning of every database
session from our middle layer.
But for now I use clp or db2ce to run something like
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
| | |
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
| | |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |
