[英]JNDI LDAP How to decode SSHA password
I used apacheds(as LDAP server) and inserted entries into it using apache directory studio. 我使用apacheds(作为LDAP服务器),并使用apache directory studio将条目插入其中。 For the userPassword atribute I selected plain text only. 对于userPassword属性,我仅选择了纯文本。 but, apache directory studio is encrypting it. 但是,apache directory studio正在对其进行加密。 i don't know why is that. 我不知道为什么。 Now, my java program to retrieve that entry is giving me a ssha encrypted password. 现在,我检索该条目的Java程序给了我一个ssha加密密码。 can anyone out there help me in how to decode it ? 外面有人可以帮助我进行解码吗?
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
class GetAttrs {
public static void main(String[] args) {
// Set up the environment for creating the initial context
Hashtable<String, Object> env = new Hashtable<String, Object>(11);
env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://localhost:10389/o=mojo");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, "uid=admin,ou=system");
env.put(Context.SECURITY_CREDENTIALS, "secret");
try {
// Create initial context
DirContext ctx = new InitialDirContext(env);
// Specify the ids of the attributes to return
String[] attrIDs = { "cn", "sn", "uid", "userPassword" };
// Get the attributes requested
Attributes answer = ctx
.getAttributes("cn=Harish Koppala, ou=Users", attrIDs);
// Print the answer
printAttrs(answer);
// Close the context when we're done
ctx.close();
} catch (Exception e) {
e.printStackTrace();
}
}
static void printAttrs(Attributes attrs) throws Exception{
if (attrs == null) {
System.out.println("No attributes");
} else {
/* Print each attribute */
try {
for (NamingEnumeration ae = attrs.getAll(); ae.hasMore();) {
Attribute attr = (Attribute) ae.next();
System.out.print(attr.getID()+" : ");
/* print each value */
if("userpassword".equalsIgnoreCase(attr.getID())){
for (
NamingEnumeration e = attr.getAll();
e.hasMore();
System.out.println(new String((byte[])e.next()))
);
}else{
for (
NamingEnumeration e = attr.getAll();
e.hasMore();
System.out.println(e.next())
);
}
}
} catch (NamingException e) {
e.printStackTrace();
}
}
}
}
output: 输出:
userPassword : {SSHA}SKA8QY7BBX0tgdZlzL+3sEDFnIBsJwd8VHjexw== userPassword:{SSHA} SKA8QY7BBX0tgdZlzL + 3sEDFnIBsJwd8VHjexw ==
uid : hwilliams uid:威廉姆斯
sn : Williams sn:威廉姆斯
cn : Hugo Williams cn:雨果·威廉姆斯
It isn't encrypting it. 它没有加密。 It is securely hashing it. 它正在安全地对其进行哈希处理。 You can't decrypt or decode it. 您无法对其解密或解码。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.