RE: Search how to crypt the authentification from Nitesh on 2005-12-08 (www-jigsaw@w3.org from November to December 2005)

From: Nitesh <nitesh.gulati@gmail.com>
Date: Thu, 8 Dec 2005 22:29:01 +0530
To: "'CLOUD'" <cloud@madpowah.org>, "'e.l. seielstad'" <elseielstad@yahoo.com>
Cc: <www-jigsaw@w3.org>
Message-ID: <001901c5fc18$b2c55a60$0205a8c0@JULIET>

I'm not quite sure if I still understand your problem well enough.

Anyway, see if this helps:
http://userpages.umbc.edu/~mabzug1/cs/md5/md5.html

Lastly, I recommend Hashing for passwords used in internet applications!

Let me know if it helps or if you need more related info! Good Luck!

ciao!!!

-nitesh

-----Original Message-----
From: www-jigsaw-request@w3.org [mailto:www-jigsaw-request@w3.org] On Behalf
Of CLOUD
Sent: Thursday, December 08, 2005 9:48 PM
To: e.l. seielstad
Cc: www-jigsaw@w3.org
Subject: Re: Search how to crypt the authentification


e.l. seielstad wrote:
>     I think the original request involves creating a way to encrypt  the
admin password (and user passwords) stored in the authentication  files..
>   
>      .../Jigsaw/config/auth/*.db files contain clear-text  versions of
user names and  passwords for the jigsaw server.
>   
>           --erik.
>     
> 
> Nitesh <nitesh.gulati@gmail.com> wrote:  
> I don't understand! Where is encryption in the entire deal?
> 
> Wait... are you saying that you are trying to encrypt the password in in
> setPassword() before setString() & are getting same result when encrypting
> different words?
> 
> -----Original Message-----
> From: www-jigsaw-request@w3.org [mailto:www-jigsaw-request@w3.org] On
Behalf
> Of CLOUD
> Sent: Thursday, December 08, 2005 6:22 PM
> To: William Cai
> Cc: www-jigsaw@w3.org
> Subject: Re: Search how to crypt the authentification
> 
> 
> William Cai wrote:
> 
>>Usually we calculate MD5 sum of password and store the MD5 sum. Does
>>that make sense?
>>
>>On Wed, 2005-12-07 at 23:15 +0100, CLOUD wrote:
>>
>>
>>
>>>Hi.
>>>
>>>I search how i can crypt the password of admin and users. I try to
>>>find
>>>the good class to change it but without success.
>>>Someone can help me ?
>>>
>>>Thanks 
>>
>>
> Thanks for your answer.
> 
> I don't want the algorithm but the class which stores the pass in the
> xml file and the class which auth the user when he wants to modify data,
> to add an algorithm.I've tried with the class
> org.w3c.jigsaw.auth.AuthUser.java but without success . I thought it can
> be :
> 
>  /**
>      * Get the user password.
>      */
> 
>     public String getPassword() {
>  return (String) getValue(ATTR_PASSWORD, null) ;
>     }
> 
>     /**
>      * Set a new password for this user.
>      * @param passwd The new user's password.
>      */
> 
>     public void setPassword(String passwd) {
>  setString(ATTR_PASSWORD, passwd);
>     }
> 
> but if I change passwd in setPassword()  before the setString, there is
> no change...
> 
> Thanks for your interest. 
>      Rémi Laurent
> 
> 
> 
> 
> 
> 			
> ---------------------------------
> Yahoo! Shopping
>  Find Great Deals on Holiday Gifts at Yahoo! Shopping 

Yes erik has understandood my request. I want to encrypt this clear-text
password modifying classes and of course the same thing for the
authentication. But I don't find the classes to do its.

						Rémi Laurent

Received on Thursday, 8 December 2005 16:59:21 UTC