Bhaskar Roy wrote:
Hi Ate,
Thanks for your reply. I am trying to decode the passwords, which are set by
Jetspeed. I thought PBEPasswordTool can do that, if not, how I can recover
passwords.
As I described before, you can only recover passwords which were encoded by the PBEPasswordTool itself, e.g. by
leveraging and configuring the PBEPasswordService (which extends PBEPasswordTool) as CredentialPasswordEncoder for
Jetspeed (defined in Spring assembly file security-spi-atn.xml).
If you have used the default configured MessageDigestCredentialPasswordEncoder for encoding your passwords, there is no
way to decode them anymore as MessageDigest encoding is a one-way only encoding algorithm.
Regards,
Ate
Thanks again!
Bhaskar
On 8/18/08, Ate Douma <[EMAIL PROTECTED]> wrote:
Hi Bhaskar,
The PBEPasswordTool can only be used to decode a password for a specific
user (name) under the following conditions:
a) (trivial) the encoded password was created using PBEPasswordTool
b) the same secrect key is used for initializing the PBEPasswordTool
c) the same username is used for decoding as used for encoding
So, the following should be true (see also TestPBEPasswordTool.java):
PBEPasswordTool pbe = new PBEPasswordTool("xyz");
assertEquals("Decoded password doesn't match original", "abc123",
pbe.decode("user1", pbe.encode("user1","abc123")));
Regards,
Ate
Bhaskar Roy wrote:
any help???
---------- Forwarded message ----------
From: Bhaskar Roy <[EMAIL PROTECTED]>
Date: Aug 10, 2008 5:56 PM
Subject: org.apache.jetspeed.security.util.PBEPasswordTool Not working
To: Jetspeed Users List <[email protected]>
Has anybody used this tool before?? I am trying to use this tool to
decrypt
password, but I am getting following error -
Exception in thread "main" org.apache.jetspeed.security.SecurityException:
Unexpected security error at PBEPasswordTool from decode: Input length
must
be multiple of 8 when decrypting with padded cipher
at
org.apache.jetspeed.security.util.PBEPasswordTool.decode(PBEPasswordTool.java:93)
at
org.apache.jetspeed.security.util.PBEPasswordTool.main(PBEPasswordTool.java:132)
Caused by: javax.crypto.IllegalBlockSizeException: Input length must be
multiple of 8 when decrypting with padded cipher
at com.sun.crypto.provider.SunJCE_h.b(DashoA12275)
at com.sun.crypto.provider.SunJCE_h.b(DashoA12275)
at com.sun.crypto.provider.SunJCE_ae.b(DashoA12275)
at
com.sun.crypto.provider.PBEWithMD5AndDESCipher.engineDoFinal(DashoA12275)
at javax.crypto.Cipher.doFinal(DashoA12275)
at
org.apache.jetspeed.security.util.PBEPasswordTool.decode(PBEPasswordTool.java:89)
... 1 more
Thanks in advance!
Bhaskar
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
