On 09/03/2020 at 21:56, Forster Arnaud, Gymnase francais wrote:
>
> Thanks very much;
>
> Here’s what I tried.
>
>     <dataset>
>         <name>ClearSHA1Password</name>
>         <policy>FORCE</policy>
>         <defaultValues>
>         </defaultValues>
>         <forceValues>
>             <!-- 01.03.2020 - This Works but wrong Encryption -->
>             <!-- <string>SecurityUtils.hash(SecurityUtils.HASH_MD5,"TestUser1")</string> -->
>             <!-- <string>SecurityUtils.hash(SecurityUtils.HASH_SHA1,srcBean.getDatasetFirstValueById("uid"))</string> -->
>
>             <!-- 09.03.2020 - According to my last post in the LSC, here's a proposal for another encryption's type -->
>             <!-- I replaced the variable by a given password - testing purpose -->
>             <string>
>                 <![CDATA[
>                     var octetString = srcBean.getDatasetFirstValueById("TestUser1");
>                     var str = java.lang.String(octetString);
>                     "{SHA}" + SecurityUtils.hash(SecurityUtils.HASH_SHA1, str)
>                 ]]>
>             </string>
>         </forceValues>
>         <createValues>
>         </createValues>
>     </dataset>
>

You cannot use getDatasetFirstValueById with a value that is not the
name of an LDAP attribute.

Looking at your previous tries, it should indeed work with just:


SecurityUtils.hash(SecurityUtils.HASH_SHA1,"TestUser1")


You can try storing "{SHA}" +
SecurityUtils.hash(SecurityUtils.HASH_SHA1,"TestUser1") in the
userPassword attribute in your LDAP directory, and then authenticating
with an LDAP bind. You will be sure that the password was correctly hashed.


-- 
Clément Oudot | Identity Solutions Manager

[email protected]

Worteks | https://www.worteks.com

_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org

lsc-users mailing list
[email protected]
https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users
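
An offline version of the check suggested in the reply above, as an added example that is not part of the original thread or of LSC: it inspects the value written to userPassword and reports whether it is a well-formed RFC 2307 {SHA} hash of the expected password. It assumes SecurityUtils.hash returns the base64-encoded digest, goes slightly beyond the thread by also accepting {SSHA}, and the function names are hypothetical.

```python
import base64
import hashlib
import hmac

DIGEST_LEN = 20  # SHA-1 output size in bytes


def make_sha(password: str) -> str:
    """Build an RFC 2307 {SHA} value: base64 of the raw SHA-1 digest."""
    digest = hashlib.sha1(password.encode("utf-8")).digest()
    return "{SHA}" + base64.b64encode(digest).decode("ascii")


def check_user_password(stored: str, candidate: str) -> str:
    """Return 'match', 'mismatch', or the reason the stored value is malformed."""
    if not stored.startswith("{") or "}" not in stored:
        return "malformed: no {SCHEME} prefix"
    scheme, _, b64 = stored[1:].partition("}")
    scheme = scheme.upper()
    if scheme not in ("SHA", "SSHA"):
        return "unsupported scheme: " + scheme
    try:
        raw = base64.b64decode(b64, validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return "malformed: payload is not base64"
    # A hex-encoded digest is valid base64 text but decodes to 30 bytes.
    if scheme == "SHA" and len(raw) != DIGEST_LEN:
        return "malformed: {SHA} payload must decode to 20 bytes"
    if scheme == "SSHA" and len(raw) <= DIGEST_LEN:
        return "malformed: {SSHA} payload has no salt"
    # For {SSHA} the salt follows the digest; for {SHA} it is empty.
    digest, salt = raw[:DIGEST_LEN], raw[DIGEST_LEN:]
    expected = hashlib.sha1(candidate.encode("utf-8") + salt).digest()
    # Constant-time comparison of the two digests.
    return "match" if hmac.compare_digest(digest, expected) else "mismatch"


if __name__ == "__main__":
    # Constructed sample: the test password used in the thread.
    value = make_sha("TestUser1")
    print(value, check_user_password(value, "TestUser1"))
```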
