Pages

Wednesday, January 14, 2009

LDAP Digest Authentication SunOne Directory Server

I was experimenting with Digest (DIGEST-MD5) authentication using SunOne Directory Server. There are not a lot of notes to explain how to use it, nor is the Sun tutorial on JNDI very helpful.

Note: Here is the important thing to remember. You can ONLY use DIGEST-MD5 with plain text passwords. For example, if the passwords are set using SSHA (Secure Salted Hashing Algorithm), you will need to change them to plain text to use it. This is not something I would recommend doing, because DIGEST-MD5 is not as secure as SSHA.

I would recommend using SSL without using DIGEST-MD5, and keep the passwords secured.

2 comments:

  1. Hi!

    How i disable digest-md5?
    i update my system, but it is enable now, i am lost.

    can you help me?

    dbsechin@ymail.com

    ReplyDelete
  2. I am not sure how to help. Likely, you should set the default password encryption algorithm to something like SSHA.

    ReplyDelete