[JDBC] Unable to store SHA hash
I recently migrated an application from Oracle to Postgresql 7.1. The
migration was fairly painless with one exception:
User's passwords are hashed using SHA, then stored in the database. Ie.
// Get the hash of the password
MessageDigest md=null;
try {
md = MessageDigest.getInstance(sha);
}
catch (NoSuchAlgorithmException e) {
System.out.println(Error: sha encryption unavailable.);
}
String hashedPass = new
String(md.digest(request.getParameter(pass).getBytes()));
This string contains several characters that are outside the normal ASCII
range. The string could be stored and retrieved using Oracle and MySQL, but
in Postgres any unusual characters become '?'. This corrupts the hash and
prevents users from logging on.
So far, the following have been tried:
- Password stored using PreparedStatement setString() call. Retrieved using
ResultSet(). Verified hash corruption in the database.
- Password field datatype changed from varchar to bytea. Oddly enough,
PreparedStatement.setBytes() can not be used against this datatype. Resorted
to using .setString(). Hash was still corrupted at the database level.
Any insight into how to accomplish this task would be greatly appreciated.
Jerry
_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
---(end of broadcast)---
TIP 3: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to [EMAIL PROTECTED] so that your
message can get through to the mailing list cleanly
[JDBC] Unable to store SHA hash
I apologize if this message appears in duplicate. The original was posted before the I received notice that an additional confirmation message would be needed to get onto the list.
I recently migrated an application from Oracle to Postgresql 7.1. Themigration was fairly painless with one exception:User's passwords are hashed using SHA, then stored in the database. Ie. // Get the hash of the password MessageDigest md=null; try { md = MessageDigest.getInstance("sha"); } catch (NoSuchAlgorithmException e) { System.out.println("Error: sha encryption unavailable."); } String hashedPass = newString(md.digest(request.getParameter("pass").getBytes()));This string contains several characters that are outside the normal ASCIIrange. The string could be stored and retrieved using Oracle and MySQL, butin Postgres any unusual characters become '?'. This corrupts the hash andprevents users from logging on.So far, the following have been tried:- Password stored using PreparedStatement setString() call. Retrieved usingResultSet.getString(). Verified hash corruption in the database.- Password field datatype changed from varchar to bytea. Oddly enough,PreparedStatement.setBytes() can not be used against this datatype. Resortedto using .setString(). Hash was still corrupted at the database level.Any insight into how to accomplish this task would be greatly appreciated.JerryGet Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
[JDBC] Unable to store SHA hash (Non-HTML--Sorry)
I apologize if this message appears in duplicate. The original was posted
before the I received notice that an additional confirmation message would
be needed to get onto the list.
I recently migrated an application from Oracle to Postgresql 7.1. The
migration was fairly painless with one exception:
User's passwords are hashed using SHA, then stored in the database. Ie.
// Get the hash of the password
MessageDigest md=null;
try {
md = MessageDigest.getInstance(sha);
}
catch (NoSuchAlgorithmException e) {
System.out.println(Error: sha encryption unavailable.);
}
String hashedPass = new
String(md.digest(request.getParameter(pass).getBytes()));
This string contains several characters that are outside the normal ASCII
range. The string could be stored and retrieved using Oracle and MySQL, but
in Postgres any unusual characters become '?'. This corrupts the hash and
prevents users from logging on.
So far, the following have been tried:
- Password stored using PreparedStatement setString() call. Retrieved using
ResultSet.getString(). Verified hash corruption in the database.
- Password field datatype changed from varchar to bytea. Oddly enough,
PreparedStatement.setBytes() can not be used against this datatype. Resorted
to using .setString(). Hash was still corrupted at the database level.
Any insight into how to accomplish this task would be greatly appreciated.
Jerry
_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
---(end of broadcast)---
TIP 4: Don't 'kill -9' the postmaster
