CODEWITHSUNDEEP
javaldapjndiapacheds
madan
madan

Reputation: 171

JNDI LDAP How to decode SSHA password

I used apacheds(as LDAP server) and inserted entries into it using apache directory studio. For the userPassword atribute I selected plain text only. but, apache directory studio is encrypting it. i don't know why is that. Now, my java program to retrieve that entry is giving me a ssha encrypted password. can anyone out there help me in how to decode it ?

    import java.util.Hashtable;
    import javax.naming.Context;
    import javax.naming.NamingEnumeration;
    import javax.naming.NamingException;
    import javax.naming.directory.Attribute;
    import javax.naming.directory.Attributes;
    import javax.naming.directory.DirContext;
    import javax.naming.directory.InitialDirContext;

    class GetAttrs {
    public static void main(String[] args) {

    // Set up the environment for creating the initial context
    Hashtable<String, Object> env = new Hashtable<String, Object>(11);
    env.put(Context.INITIAL_CONTEXT_FACTORY,
      "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, "ldap://localhost:10389/o=mojo");
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.SECURITY_PRINCIPAL, "uid=admin,ou=system");
    env.put(Context.SECURITY_CREDENTIALS, "secret");

    try {
    // Create initial context
    DirContext ctx = new InitialDirContext(env);

    // Specify the ids of the attributes to return
    String[] attrIDs = { "cn", "sn", "uid", "userPassword" };

    // Get the attributes requested
    Attributes answer = ctx
      .getAttributes("cn=Harish Koppala, ou=Users", attrIDs);

    // Print the answer
    printAttrs(answer);

    // Close the context when we're done
    ctx.close();
    } catch (Exception e) {
    e.printStackTrace();
    }
    }

    static void printAttrs(Attributes attrs) throws Exception{
    if (attrs == null) {
    System.out.println("No attributes");
    } else {
    /* Print each attribute */
    try {
    for (NamingEnumeration ae = attrs.getAll(); ae.hasMore();) {
      Attribute attr = (Attribute) ae.next();
      System.out.print(attr.getID()+" : ");
      /* print each value */
      if("userpassword".equalsIgnoreCase(attr.getID())){
          for (
                  NamingEnumeration e = attr.getAll();
                  e.hasMore();                    
                  System.out.println(new String((byte[])e.next()))
               );
      }else{
      for (
              NamingEnumeration e = attr.getAll();
              e.hasMore();
              System.out.println(e.next())
          );
      }
      }
     } catch (NamingException e) {
     e.printStackTrace();
     }
     }
     }

     }

output:
userPassword : {SSHA}SKA8QY7BBX0tgdZlzL+3sEDFnIBsJwd8VHjexw==
uid : hwilliams
sn : Williams
cn : Hugo Williams

Upvotes: 0

Views: 4521

Answers (1)

user207421
user207421

Reputation: 310903

It isn't encrypting it. It is securely hashing it. You can't decrypt or decode it.

Upvotes: 1

Related Questions