通过 JNDI 更新 LDAP 加密密码
[英]Updating LDAP encrypted password via JNDI
问题描述
I need some pointers how to update an encrypted password in an LDAP (OpenLDAP) of a user within an LDAP tree.
我需要一些指示如何更新 LDAP 树中用户的 LDAP (OpenLDAP) 中的加密密码。 The passwords in the LDAP server are prefixed with {crypt} which I suppose indicates that it is encrypted (with DES?) LDAP 服务器中的密码以 {crypt} 为前缀,我想这表明它是加密的(使用 DES?)
I need to write a method which updates a user's passwords.我需要编写一个更新用户密码的方法。 What is the right way to do this?这样做的正确方法是什么? Do I need to prefix the string with {crypt} myself?我需要自己在字符串前面加上 {crypt} 吗? How do I encrypt the password for {crypt}?如何加密 {crypt} 的密码?
UPDATE:更新:
Just to clarify what I need is the Java code to encrypt the attribute so that it works with {crypt}.只是为了澄清我需要的是 Java 代码来加密属性,以便它与 {crypt} 一起使用。 I also don't know if I have to prefix the attribute with the string {crypt} myself.我也不知道我是否必须自己在属性前面加上字符串 {crypt}。
2 个解决方案
解决方案1
1 2011-07-05 09:57:16
No, you just need to update the attribute, just like any other attribute, but remembering that unlike most attributes it is a byte[] not a String.不,您只需要更新属性,就像任何其他属性一样,但请记住,与大多数属性不同,它是字节 [] 而不是字符串。
There is also an ExtendedOperation for password modification in association with the Password Policy IETF draft, but you haven't mentioned you're using that.还有一个与密码策略 IETF 草案相关的密码修改扩展操作,但您没有提到您正在使用它。
解决方案2
0 2011-07-05 16:12:51
In some cases, using a pre-encoded password might prevent the directory server from enforcing password quality checks.在某些情况下,使用预编码密码可能会阻止目录服务器执行密码质量检查。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.