2015-04-01 14:59 GMT+02:00 Nate Smith <[email protected]>: > Hi, I'm currently using LSC to connect a MySQL database (connected to > Wordpress) to an Ldap server. > > We are looking to have user information created on MySQL transfer over to > Ldap. > Wordpress uses a hashing algorithm to store passwords, which cannot be > decrypted, so doesn't send a plain text password to Ldap. > We can't store the passwords on the MySQL database, as it's on a web server, > and seems to be a bad practice. > > I would like to use an end to end encryption method (like AES 128), but > can't figure out if there's a way to do it so that: > A) Wordpress encrypts the password and stores it using wcrypt. > B) LSC decrypts the password using the security utilities. > > Is this possible, or does the password ALSO have to be EnCRYPTED using the > .key file from LSC? > Could I encrypt within PHP and then decrypt with the LSC method? > > If so how? > If not, is there another methodology that would be equally secure but work? >
Hi, you could try to use a hash algorithm that works with MySQL and LDAP like SHA. Else you need to choose a symmetric encryption mechanism supported by Wordpress (PHP) and by LSC (Java/JS/Groovy). Here is a Perl code that cipher the password with the same alg that LSC SecurityUtils: http://tools.lsc-project.org/projects/lsc/repository/entry/lsc/trunk/bin/passwordhk.pl Clément. _______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
