• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 240
  • Last Modified:

Need library to access operating system's user and password database

I need a library to access operating system's user and password database, in order to synchronize my app's user list with the operating system's. My app is going to be made in Java, so if the library is multi platform it would be great (at least Linux/Unix/*BSD and all Windows but 98/ME). But I think a multi platform library of this kind would be rare, so I can accept also that the library is only for Windows 2000/XP/2003 Server (and NT 4 if possible), or only for Linux/Unix/*BSD.

Originally the question was here: http://www.experts-exchange.com/Programming/Programming_Languages/Java/Q_21092083.html, but since I was said that I can use native languajes such as C++ from Java, I'm posting it here.
0
pulupul
Asked:
pulupul
  • 5
  • 3
  • 2
1 Solution
 
jkrCommented:
If you want the user names, that's the easy part. On UN*X-like systems, just read /etc/passwd. On Win32, you'd use 'NetUserEnum()', which will work on all the platforms you mentioned. See http://win32.mvps.org/network/nue_nqdi.cpp for the sample code. However, obtaining the passwords is impossible, since they are stored as one-way hashes.
0
 
AxterCommented:
What is it that your application needs to do, that it would need the user's password?

We can probably give you a better alterantive if you can give us some details.
0
 
pulupulAuthor Commented:
jkr: obtaining the hashes would be enough, as I can later find out what algorithm (MD5 or any other) is being used by the OS to encrypt the passwords, then encrypt my passwords with the same algorithm, and compare the hashes. It can be done like that, can't it?.

The application is a kind of messaging server that is going to be used in an office LAN.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
jkrCommented:
That *might* work on UN*X (with "shadowing" turned off), but not for Win32, since the hash function is not available...
0
 
AxterCommented:
>>The application is a kind of messaging server that is going to be used in an office LAN.

But why would you need the user's password?

I'm sure you can accomplish your application goal, with out the user's password.
0
 
jkrCommented:
Agree. If you really need it, have them type it. And even that I probably wouldn't do if I was the user in question :o)
0
 
pulupulAuthor Commented:
The behavior I would like is that my app is installed in a server, say Windows 2000 Server, and then when a client tries to connect to my server (using a client app I made myself too), he types his Windows 2000 domain user name and password. If the user changes his password in the Windows 2000 domain, then my app would detect it and refresh it's user/password database so that the next time the clients authentificates, he can use the new password.
Mmm I'm thinking, is there an API call (in Windows or *nix), to which you pass a user name and password and says if they are correct by looking at the OS's user/password database? If so, that would do the job.
If none of this can be done, I guess I could just import user names from OS, and mantain my own password list, which would be independent from the OS, but that's not what I want.
Ask anything you want and thanks for the replies.
0
 
jkrCommented:
>>is there an API call (in Windows or *nix), to which you pass a user name and password and says if they are correct
>>by looking at the OS's user/password database?

For Win32, see http://support.microsoft.com/default.aspx?scid=KB;en-us;q180548 ("How To Validate User Credentials on Microsoft Operating Systems")
0
 
jkrCommented:
Oh, and for UN*X, there's 'crypt()':

NAME
       crypt - password and data encryption

SYNOPSIS
       #define _XOPEN_SOURCE
       #include <unistd.h>

       char *crypt(const char *key, const char *salt);

DESCRIPTION
       crypt is the password encryption function.  It is based on
       the Data Encryption  Standard  algorithm  with  variations
       intended  (among  other things) to discourage use of hard­
       ware implementations of a key search.
0
 
pulupulAuthor Commented:
I'll use NetUserEnum() to get the user list, which I also need, and I'll use the method commented in http://support.microsoft.com/default.aspx?scid=KB;en-us;q180548, as it does not require my app to have permission to act as part as the operating system, which the other candidate API call, LogonUser (see Windows programming area link below), required. About crypt(): it is not what I need, since the only thing it does is encrypting a string with some algorithm. In *nix/*BSD platforms, I'll probably use PAM modules (see Linux prog. link below).

Specific OS related questions opened by me too:
Windows: http://www.experts-exchange.com/Programming/Programming_Platforms/Win_Prog/Q_21096449.html
Linux: http://www.experts-exchange.com/Programming/Programming_Platforms/Linux_Programming/Q_21096715.html

So, thanks jkr, you told me all I needed, so I'm probably accepting your comments. I'm waiting some more days (2 or 3), just to see if someone knows about a library that handles all this.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 5
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now