Re: Can't get md5 working under Turbine

Tue, 13 Feb 2001 09:48:35 -0800 

Ethan Adams wrote:

> I am running an imap server (cyrus) that authenticates to mysql using md5 encrypted 
>passwords.  The md5 encryption built into the check password module for the imap 
>server uses the encryption method I showed you.  The encryption method Turbine uses 
>doesn't match.  Therefore authenticating to the same database doesn't work.
> 
> I could change the check password module...but this may be more difficult than 
>modifying the Turbine encryption method (BaseSecurityService.encryptPassword(...).

You don't need to modify Turbine sources at all to make it work.

You should define your own SecurityService implementation, by extending
the DBSecurityService class, and
overriding the ecryptPassword methdod. Then, change the setting in
TurbineResources.properties.

Here are two side notes on the implemetnation of encryptPassword() in
BaseSecurityService"

1. We consider the fact that password String may contain unicode
charaters outside of
   7 bit US-ASCII range. Now, the digest method takes bytes as
arguments, therefore
   we convert the chars into bytes using UTF-8 encoding, to be
independent from the
   default encoding on the platform where the server being run, and to
correcly handle
   all possible unicode characters.

   If you are sure that your users can't possibly use non US-ASCII
characters in their
   passwords this is not an issue. UTF-8 conversion will work fine as
well as ISO-8859-1.
   
2. digest methods returns an array of bytes also. We encode it with
base64, because the
   result migth contain non-character byte values. Ofcourse we might
some arbitrary
   encoding to convert it into a String, but wouldn't neccesserily
generate something
   printable, or what's more important convertable into database's
encoding (unless
   we assume an unicode-capable database, which isn't true for most of
them).

   If you know that the digest method returns printable characters only,
use ISO-8859-1 encoding
   and it will work.

I just wanted you to know that we didn't do that out of randomness...
:-)
  
Rafal

--
Rafal Krzewski
Senior Internet Developer
mailto:[EMAIL PROTECTED]
+48 22 8534830 http://e-point.pl


------------------------------------------------------------
To subscribe:        [EMAIL PROTECTED]
To unsubscribe:      [EMAIL PROTECTED]
Search: <http://www.mail-archive.com/turbine%40list.working-dogs.com/>
Problems?:           [EMAIL PROTECTED]

Reply via email to