Solved

LDAP authentication through JSP and some basic LDAP question...

Posted on 2003-11-17
17
893 Views
Last Modified: 2008-02-26
I can't seem to find a topic related to LDAP so I'm posting here since I am planning to use jsp to interact with the ldap server. My LDAP server consists of a bunch of entries of users and passwords... so for each entry it's like:

dn: uid=neo,o=usa
uid: neo
userPassword: biao
o=usa

Problem #1: I added an entry like this into my database. When I did a search to output this entry, i got something like:

# neo, rcms2
dn: uid=neo,o=rcms2
objectClass: uidObject
objectClass: simpleSecurityObject
objectClass: organization
uid: neo
o: rcms2
userPassword:: Ymlhbw==

Notice how the password has become encryped? How am I supposed to extract the real password through the search query without having it be encryped?

Also, how would jsp interact with my ldap server with the databse setup like the above example? Any hints or web sites or code would be nice. I tried googling but they were pretty rough and tough for me to comprehend =(. I'm pretty new at this, let alone java.
0
Comment
Question by:jinduy
  • 5
  • 3
  • 2
  • +3
17 Comments
 
LVL 35

Accepted Solution

by:
TimYates earned 25 total points
ID: 9762834
> How am I supposed to extract the real password through the search query without having it be encryped?

I don't think you are...  That looks like an MD5 encrypted password, which is unrecoverable...

It's a security feature, to stop you getting a list of usernames an passwords...

You could set the password to a new one, but I don't think you can recover the old one back again....this is the same with most systems...

0
 
LVL 4

Expert Comment

by:kokchoon78
ID: 9768024
try this url, some sample code available :

http://www.octetstring.com/products/jdbcldapdriver/
0
 

Expert Comment

by:lapchern
ID: 9768668
yeah i tried setting hte passwored to a new one, and it got encryped to a different string!

the reason i'd like to know how to extract a password is because, how would i be able to authenticate a user through jsp if i can't compare a user's login (id/password) input to the entry in a databaW028since it's all encrypted)?
0
 

Expert Comment

by:lapchern
ID: 9768701
to clarify i tried modifying the encrypted password doing something like

...modify command...
dn: uid=neo,o=rcms2
userPassword: swordfish

and the swordfish is encrypted yet again when i enter a query. i'm starting to guess now that maybe there's a java-based driver that can do all this dirty work for me?
0
 
LVL 2

Expert Comment

by:anthony_castillon
ID: 9884687
Read up on JNDI.  I think you can get something there about connecting to LDAP
0
 

Assisted Solution

by:roman_gagarskiy
roman_gagarskiy earned 25 total points
ID: 9911265
I've got the same problem.
Ymlhbw== is not MD5 encryption. It's just wrong conversion from array of bytes to string.
The thing is that for "userPassword" jndi returns you array of bytes, don't use array.toString(), use new String(array) and you will get your password in cleartext...
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 35

Expert Comment

by:TimYates
ID: 10857344
Looks like a multi to me:

jinduy asks the question, then lapchern seems to take over...

*sigh*

:)
0
 
LVL 35

Expert Comment

by:girionis
ID: 10857361
Hello Tim, long time no see :)

So you mean multi-accounts or split the points?
0
 
LVL 35

Expert Comment

by:TimYates
ID: 10857379
Hiya!  Hope you're keeping well!! :)  

Yeah...too busy at work :-(  I'm having a 10 minute skiive ;-)  hee hee

I meant Multiple accounts...  

jinduy == lapchern ?

:-/
0
 
LVL 35

Expert Comment

by:girionis
ID: 10857740
You are probably right. I think I will ask a moderator to take a look at that :)
0
 
LVL 35

Expert Comment

by:TimYates
ID: 10857791
:-)
0
 
LVL 35

Expert Comment

by:girionis
ID: 11771178
I will yes. I will go through all the questions again today to do a final cleanup :)
0
 
LVL 35

Expert Comment

by:TimYates
ID: 11771187
roman_gagarskiy might have hit the nail on the head...

maybe ;)
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
form submissions on a web page 2 143
object methods vs static methods 2 93
unit test DAO layer 1 134
withoutString  challenge 40 180
When we talk about DevOps toolchains, I sometimes wonder how many people really get what we’re talking about. I don’t know if it’s just semantics or tone or something else, but sometimes I think it just sounds like buzzword sausage. So it’s always …
A customer recently asked me about anti-malware and the different deployment options available for his business. Daily news about cyberattacks, zero-day vulnerabilities, and companies that suffered a security breach made him wonder if the endpoint a…
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now