通过 Java 更新 LDAP 时如何指定哈希算法?
当您使用 Java API 更新 Open LDAP 目录时,有没有办法指定哈希算法(MD5、SHA1 等)用于存储密码,代码如下:
Is there a way to specify the hash algorithm (MD5, SHA1, etc.) to use for storing the passwords when you update an Open LDAP directory using Java APIs with code like this:
private void resetPassword(String principal, String newPassword) throws NamingException {
InitialDirContext ctxAdmin = null;
Hashtable<String, String> ctxData = new Hashtable<String, String>();
ctxData.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
ctxData.put(Context.PROVIDER_URL, "ldap://myserver:389");
ctxData.put(Context.SECURITY_AUTHENTICATION, "simple");
ctxData.put(Context.SECURITY_PRINCIPAL, "admin_dn");
ctxData.put(Context.SECURITY_CREDENTIALS, "admin_passwd");
InitialDirContext ctxAdmin = new InitialDirContext(ctxData);
if (newPassword == null || newPassword.equals("")) {
String msg = "Password can't be null";
throw new NamingException(msg);
} else {
if (principal == null || principal.equals("")) {
String msg = "Principal can't be null";
throw new NamingException(msg);
} else {
if (ctxAdmin == null) {
String errCtx = "Can't get LDAP context";
throw new NamingException(errCtx);
}
}
}
BasicAttribute attr = new BasicAttribute("userpassword", newPassword);
ModificationItem modItem = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, attr);
ModificationItem[] items = new ModificationItem[1];
items[0] = modItem;
ctxAdmin.modifyAttributes("cn=" + principal + ",ou=Users,dc=com", items);
}
推荐答案
应该这样做:(MD5)显示
Something along these lines should do it: (MD5) Shown
context.setAttributeValue("userPassword", digestMd5("newPassword));
private String digestMd5(final String password) {
String base64;
try {
MessageDigest digest = MessageDigest.getInstance("MD5");
digest.update(password.getBytes());
base64 = new BASE64Encoder().encode(digest.digest());
}
catch (NoSuchAlgorithmException e) {
throw new RuntimeException(e);
}
return "{MD5}" + base64;
}
-吉姆
相关文章