how to persist fos_user data from java desktop application

Question

We are five students in a team working on a project using SCRUM methode. Our first sprint was WEB application... Now, we are working at the second sprint which is Desktop application with JAVA. In the first sprint(Sprint Web),we have created our database using FOS_USER Bundle, this database contains 'User' table, his sql script is(some columns):

DROP TABLE IF EXISTS `User`;
CREATE TABLE IF NOT EXISTS `User` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `username` varchar(180) COLLATE utf8_unicode_ci NOT NULL,
  `username_canonical` varchar(180) COLLATE utf8_unicode_ci NOT NULL,
  `email` varchar(180) COLLATE utf8_unicode_ci NOT NULL,
  `email_canonical` varchar(180) COLLATE utf8_unicode_ci NOT NULL,
  `enabled` tinyint(1) NOT NULL,
  `salt` varchar(255) COLLATE utf8_unicode_ci DEFAULT NULL,
  `password` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
  `last_login` datetime DEFAULT NULL,
  `confirmation_token` varchar(180) COLLATE utf8_unicode_ci DEFAULT NULL,
  `password_requested_at` datetime DEFAULT NULL,
  `roles` longtext COLLATE utf8_unicode_ci NOT NULL COMMENT '(DC2Type:array)',
  PRIMARY KEY (`id`),
  UNIQUE KEY `UNIQ_1D1C63B392FC23A8` (`username_canonical`),
  UNIQUE KEY `UNIQ_1D1C63B3A0D96FBF` (`email_canonical`),
  UNIQUE KEY `UNIQ_1D1C63B3FF631228` (`etablissement_id`),
  UNIQUE KEY `UNIQ_1D1C63B3C05FB297` (`confirmation_token`)
) ENGINE=InnoDB AUTO_INCREMENT=27 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;

Now, in the sprint java, we have generated the entities from database using Netbeans tool, and we get this class(some attributs):

public class User{
private Integer id;
private String username;
private String usernameCanonical;
private String email;
private String emailCanonical;
private short enabled;
private String salt;
private String password;
private Date lastLogin;
private String confirmationToken;
private Date passwordRequestedAt;
private String roles;
}

Now, we need to persist(/get to authentificate) an User object into(/from) this database, but the problem is, the password was crypted with FOS_USER Bundle.So what is the way to decrepte/encrypte this password. Our DAOUser is like this!?

public void ajouter(User user) {
    String req = "INSERT INTO User (nom,username,email,enabled,salt,password,roles) VALUES (?,?,?,?,?,?)" ;
    PreparedStatement pre;
    try {
        pre = connection.prepareStatement(req);
        pre.setString(1, user.getUsername());
        pre.setString(2, user.getEmail());
        pre.setShort(3, user.getEnabled());
        //Some thing wrong : exp in database {username:Zain,salt:'0Yi3LZANkpfMsnhbn2XHA00cASLCGVfWc7TJWNOjXsk')
        pre.setString(4, user.getSalt());
        //Some thing wrong : exp in database {username:Zain,passowrd:'qXSSYBDXWQA/ZcbPVOoBKzd5oshTkQP0Q3AeEilnh47Mcrc9uUZYDYwmRJiMKc7nRPvRx6k0eEJrc6HrrDvZtQ==')
        pre.setString(5, user.getPassword());
        //This Role must be unserialised(the equivalent unserialize method in php)
        pre.setString(6,user.getRoles());

        pre.executeUpdate();
    } catch (SQLException ex) {
        Logger.getLogger(EtablissementService.class.getName()).log(Level.SEVERE, null, ex);
    }
}

Answer 1

You don't wan to decrypt password. It should be one way hash. To check validity of password, encrypt user input in the same way and check calculated hash to match the hash in the database