I wish to authenticate users to a web application using the data from the OpenDS ldap server. I have written the code to connect to the server and it is working fine.
Now, when the user (whose details are stored in an ldif file available to the ldap server) logs in to the application using a user name and password, I want to query the server to get the user�s password. Then I wish to compare the password used by the user for the current session with the retrieved password so that I can authenticate him/her.
The problem I am facing with this is that though I am getting the password attribute for the user using the following snippet -
, I am not able to authenticate the user because the password is encrypted using a scheme which is unknown to my code
. I went through the Java API available to OpenDS at
and was not able to find a way to do this. I used a ldap admin tool to check the type of storage scheme used by the server and it turned out to be SSHA. But, I read somewhere that the storage scheme can be set in a property file (I had a quick look through the installation directory of opends and could not locate it
) and hence I dont wish to make the assumption that the scheme would always be SSHA in my code by using the class from the API.
Please suggest a way out of this problem. If the approach I am using is wrong, please correct me.