Hi Tim Thanks for that!
My situation is that I need to verify a user in DS from a .net application. User will be supplying the username/password but the login is actually carried out by DS. Obviously we'll need to call a dynament file from the .net app but didnt want to pass the information unencrypted. As you can imagine comparison isnt really an option because we cant just extract the password from DS user repository. We really need a 2 way encryption. Something the .net app can encrypt and DS can decrypt before logging the user in so to speak. And before anyone suggests this we will be using https as an added measure. By my research and from what you say it seems that we have to write a custom java class or write a .net web service to handle this perhaps. I was just hoping there would be something out of the box for this. Regards N On Tuesday, July 10, 2012 3:40:52 AM UTC+10, Tim D wrote: > > One way encryption can be done with DynaMents using the applyRule inline > function in conjuction with getDigest (SHA,MD5) this allows comparisons. > > Delivery Server also has an option for attributes to obscure them this is > from the > > set-password (optional) > Used only for source="user"|"system": > Defines how attribute values are displayed. When the DynaMent is executed, > the > attribute is given the property specified here: > • false: Default setting. All characters of attribute values are displayed > with no > encryption. > • true: All characters of attribute values are displayed with the ***** > placeholder. > This applies to the display of values in the user interface, in log files, > and in > projects. Even after processing by an Attribute DynaMent (such as reading), > placeholders are shown for these attribute values. This setting > corresponds to > selecting the Display value as asterisks check box in the editing dialogs > for > attributes. > > Otherwise some simple Java coding could add more functionality. > > On Sunday, July 8, 2012 10:09:00 PM UTC-4, Shah N wrote: >> >> Hi folks, >> >> Just wondering if anyone has used the cryptographic services available in >> DS. >> >> I found you can enable the system keys in DS which makes an additional >> checkbox for encrypting values based on the configuration available (eg. >> blowfish, Triple DES).* *Its clear that any information flagged for >> encryption can be secured this way but how do we go about decrypting >> information? Lets say we store a user attributed and encrypt the values but >> if we need to pass on or verify information there is nothing available that >> can do this (at least I cant find any). I have thought about using the >> python hashlib but thats just a one way hash. I can only compare with that. >> >> How do we go about using a two way crypto within DS without writing a >> custom java class to handle the encrypt/decrypt functions? Is there >> anything built in or a python script of some kind available out there? >> >> N >> > -- You received this message because you are subscribed to the Google Groups "RedDot CMS Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/reddot-cms-users/-/RNd_5kf0_NIJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/reddot-cms-users?hl=en.
