Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsWhite Papers
Discussion GroupsFirst AidDatabasesJavaBeansGUIJava 3DVirtual MachineCORBASecurityToolsGeneral
Java DirectoryOpen Source ProjectsSample Book ChaptersUser GroupsWeb Resources
Related Topics
Databases.NETMore Topics ...
Java Forum / Security / April 2004

Tip: Looking for answers? Try searching our database.

SSHA and SunOne Directory Server 5.2

Thread view: 
Enable EMail AlertsStart New Thread
KC Wong - 31 Mar 2004 07:28 GMT
I have trouble doing SSHA... I've found a Java program from Netscape
(pwdSHA) that generates SSHA, but its result is not the same as those stored
in SunOne directory server 5.2. It seems to me that the program I have is
correct, it's just it is not applying the salt in the same way as SunOne
Directory Server 5.2.

Details:

I have to implement password policy, and one of the requirement is to check
if the new password is the same as the previous five.

The directory stores the previous passwords in their SSHA'ed format. So to
make sure the new password is not the same, I'll have to SSHA the new
password, and compare it with the values stored.

However I don't seem to be able to generate the same value from my program
as SunOne Directory Server 5.2.

I've searched in Sun's forum, and found there're a few posts about it, but
with no clear answers.

Besides the Java Code I found from Netscape, I've also write up one
myself... and the result from my program and the one from Netscape match -
which is, different from SunOne Directory server.

Can anyone help? Is there a documentation of how SunOne Directory Server
performs SSHA?
Reply to this Message
Michael Amling - 31 Mar 2004 16:20 GMT
> Can anyone help? Is there a documentation of how SunOne Directory Server
> performs SSHA?

  Is the source available from Sun?

--Mike Amling
Reply to this Message
KC Wong - 01 Apr 2004 04:42 GMT
> > Can anyone help? Is there a documentation of how SunOne Directory Server
> > performs SSHA?
>
>    Is the source available from Sun?

If you're talking about the SSHA algorithm, I've found none from Sun. I've
found one from Netscape (called pwdSHA), but its result does not match with
SunOne Directory Server 5.2. pwdSHA's result match with the one I've
written.
Reply to this Message
Richard Attermeyer - 04 Apr 2004 13:55 GMT
Hi KC,

Sun ONE Directory can take care of this itself. You can configure it
to keep a password history. It will check new passwords against this list
automatically and reject already used ones. This is the case with 5.1 and
has been in place for our corporate Intranet for some years.

You can find information on 5.2 under:
http://docs.sun.com/source/816-6698-10/useracct.html

Bye,
  Richard
Reply to this Message


Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.