[英]Is there a way to change LDAP password without having “unicodePwd” attribute
In my LDAP
directory I don't have attribute called unicodePwd
. 在我的LDAP
目录中,我没有名为unicodePwd
属性。
All I have us userPassword
. 我只有我们userPassword
。
I wrote java to change userPassword attribute. 我写了Java来更改userPassword属性。 However, it is storing it as plain text. 但是,它将其存储为纯文本。 For example, if I want my new password to be newpassword
, 例如,如果我希望新密码为newpassword
,
LDAP stores it as newpassword
and it doesn't hash it. LDAP将其存储为newpassword
,并且不会对其进行哈希处理。
I can't authenticate with this password once it is changed. 更改后,我无法使用此密码进行身份验证。
Part of my code where I am doing this: 我在其中执行此操作的部分代码:
String quotedPassword = "\"" + newPassword + "\"";
byte[] newUnicodePassword = quotedPassword.getBytes("UTF-16LE");
//String newpass = new String(pwdArray, "UTF8");
mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("userPassword", newUnicodePassword));
// Perform the update
ctx.modifyAttributes(userName, mods);
I changed this code so it passes hashed password, but it is still not authenticating... 我更改了此代码,使其通过了哈希密码,但仍无法验证...
MessageDigest md = MessageDigest.getInstance("SHA-256");
md.update(newPassword.getBytes("UTF-16LE"));
byte byteData[] = md.digest();
//convert the byte to hex format method 1
StringBuffer sb = new StringBuffer();
for (int i = 0; i < byteData.length; i++) {
sb.append(Integer.toString((byteData[i] & 0xff) + 0x100, 16).substring(1));
}
//String newpass = new String(pwdArray, "UTF8");
mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("userPassword", sb.toString()));
// Perform the update
ctx.modifyAttributes(userName, mods);
您必须使用LDAP扩展操作来执行此操作,以便服务器正确处理它,有关详细信息: http : //www.rfc-editor.org/rfc/rfc3062.txt
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.