We hash at the application side (java) before persisting it into the table. We use SSHA256. At high level below is the pseudo code of hashing.
========================= //Generate salt Generate 5 byte salt //Add salt and password to message digest instance Get Message Digest instance messageDigest.update(salt); messageDigest.update(password.getBytes()); //hash the content byte[] hashedText = new byte[32+salt_length]; messageDigest.digest(hashedText, 0, 32); // append the salt to the hashed text System.arraycopy(salt, 0, hashedText, len, saltLength); Store above byte[] in base64 format in RDBMS ================================= -----Original Message----- From: Quanah Gibson-Mount <[email protected]> Sent: Wednesday, November 4, 2020 9:32 PM To: Thangavel, Parameswaran; [email protected] Subject: Re: Migration of Password Hash from RDBMs [EXTERNAL EMAIL] --On Wednesday, November 4, 2020 3:35 AM +0000 "Thangavel, Parameswaran" <[email protected]> wrote: > > > Team, > > I looking to replace RDBMS with openldap as datastore for one of the > product. One blocker we have is handling the password migration. > > > > The password is stored in hashed format in RDBMS. However, I am not > able to get the password migrated. What password hash is being used by the RDBMS? --Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: <http://www.symas.com>
