Hi, all
Now I am looking at the implementation for JndiLoginModule which
is missing in current harmony class library.
But now I encounter a problem:
As spec says, according to RFC 2307[1], the password stored in
jndi directory is encoded by a crypto algorithm:
userPassword values MUST be represented by following syntax:
passwordvalue = schemeprefix encryptedpassword
schemeprefix = "{" scheme "}"
scheme = "crypt" / "md5" / "sha" / altscheme
altscheme = "x-" keystring
encryptedpassword = encrypted password
The encrypted password contains of a plaintext key hashed using the
algorithm scheme.
And currently, spec says it only acknowledge the "crypt" algorithm.
Besides, posix has such a system call as "crypt" which take the
responsibility[2]. But it lacks on windows.
So we had better implement the algorithm in java. But where is the
details of the algorithm? And I guess maybe we can borrow one from a
project which is under a licence compatible with apache. But where?
Is there any familiar with it?
Thanks.
[1]http://www.ietf.org/rfc/rfc2307.txt
[2]http://www.yiluda.net/manual/linux/man/crypt.html
--
Leo Li
China Software Development Lab, IBM
