This week's book giveaways are in the Angular and TypeScript and Web Services forums.
We're giving away four copies each of Programming with Types and The Design of Web APIs and have the authors on-line!
See this thread and this one for details.
Win a copy of Programming with Types this week in the Angular and TypeScript forum
or The Design of Web APIs in the Web Services forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Bear Bibeault
  • Paul Clapham
  • Jeanne Boyarsky
Sheriffs:
  • Junilu Lacar
  • Knute Snortum
  • Henry Wong
Saloon Keepers:
  • Ron McLeod
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Frits Walraven
  • Joe Ess
  • salvin francis

LDAP username password retrival

 
Ranch Hand
Posts: 251
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I want to retrieve the username and password frtom LDAP server for the respective userId which is passed as an input. I am using javax.naming security package in java (1.6). Please help me how we can go about this? any examples or links are really appreciated.

Thanks.
 
Bartender
Posts: 4568
9
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You shouldn't be able to extract the password. It should be stored using a hash function/one-way encryption so that you can check a password but not recover it.
 
Rithanya Laxmi
Ranch Hand
Posts: 251
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Mathew. Password will always be encrypted and stored in the LDAP DB right? Where my requirement is to retrieve the encrypted password and store that in a local DB?How to go about this? Whether LDAP server will have any table where the username & password will be stored? Please clarify.

Thanks.
 
Matthew Brown
Bartender
Posts: 4568
9
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
It's going to depend on your LDAP server, and how it stores the password. But it's very common to use a one-way encryption, as I said. If that's the case then what you want to do simply isn't possible (short of running a brute force attack against every password).

You'll have to check the documentation and configuration for your specific server - maybe ask your system administrators.
 
Ranch Hand
Posts: 138
Spring Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am not 100% sure if this is possible, but something that I remember from one of my previous projects.

LDAP can add logged in user's attributes to http header.

Again, I don't know if this would depend on LDAP server implementation or so.

A link that might help you :
http://pic.dhe.ibm.com/infocenter/tivihelp/v2r1/index.jsp?topic=%2Fcom.ibm.itame2.doc_5.1%2Fam51_webservers_guide145.htm
 
What's that smell? Hey, sniff this tiny ad:
Java file APIs (DOC, XLS, PDF, and many more)
https://products.aspose.com/total/java
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!