This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
I wish to authenticate users to a web application using the data from the OpenDS ldap server. I have written the code to connect to the server and it is working fine.
Now, when the user (whose details are stored in an ldif file available to the ldap server) logs in to the application using a user name and password, I want to query the server to get the user�s password. Then I wish to compare the password used by the user for the current session with the retrieved password so that I can authenticate him/her.
The problem I am facing with this is that though I am getting the password attribute for the user using the following snippet -
, I am not able to authenticate the user because the password is encrypted using a scheme which is unknown to my code. I went through the Java API available to OpenDS at and was not able to find a way to do this. I used a ldap admin tool to check the type of storage scheme used by the server and it turned out to be SSHA. But, I read somewhere that the storage scheme can be set in a property file (I had a quick look through the installation directory of opends and could not locate it ) and hence I dont wish to make the assumption that the scheme would always be SSHA in my code by using the class from the API.
Please suggest a way out of this problem. If the approach I am using is wrong, please correct me.
The normal way to authenticate a user against an LDAP server is to attempt to bind with the given username and password - if it fails either the user name or password is incorrect. You can find some example code here
Joined: Oct 11, 2007
Thanks for the response. I was unnecessarily beating around the bush. The solution is quite simple and clear. Thanks again!