this is indeed the case, one can use the PasswordUtil's methods if needed for retrieving various parts of a hash
[1] http://svn.apache.org/viewvc/directory/shared/trunk/ldap/model/src/main/java/org/apache/directory/shared/ldap/model/password/PasswordUtil.java?view=markup On Tue, Dec 11, 2012 at 11:58 PM, Linus van Geuns <[email protected]>wrote: > Hey, > > I cannot speak from experience with salted userPassword values of ApacheDS, > but usually they are stored within the attribute userPassword itself. > Format: > userPassword: { <algorithm> } <salt> <hash> > > e.g. for password "test123": > userPassword: {SSHA}e8wXXTVuvS5IPd0tueLHnrWYrgJZtL1j > > The presence and length of the salt and the length of the hash depend on > the chosen algorithm. > > Regards, Linus > > > On Tue, Dec 11, 2012 at 7:17 PM, Kevin Hamilton <[email protected]> > wrote: > > > Hello, > > > > I use the SSHA512 Hashing Interceptor to store passwords. I was wondering > > if there is any way to retrieve these salts after the fact. Where are > they > > stored? > > > > Thanks, > > Kevin > > > > > > -- > Linus van Geuns > IT-Dienstleistungen > > Telefon: +49 179 7700683 > E-Mail: <[email protected]> > > Gartenstr. 56a > 76133 Karlsruhe > -- Kiran Ayyagari http://keydap.com
