Search how to crypt the authentification

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
11 messages Options
Reply | Threaded
Open this post in threaded view
|

Search how to crypt the authentification

Cloud-3

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi.

I search how i can crypt the password of admin and users. I try to find
the good class to change it but without success.
Someone can help me ?

Thanks
                                                Rémi Laurent.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDl18b3cuWvcsNrnIRAqNkAJ9n/3RnNiJZSAcSCqJM8LsW+fjpnQCfdIP4
vHfZ8s6s0GHRNEtZB4PDt3g=
=mgBM
-----END PGP SIGNATURE-----

Reply | Threaded
Open this post in threaded view
|

Re: Search how to crypt the authentification

William Cai

Usually we calculate MD5 sum of password and store the MD5 sum. Does that make sense?

On Wed, 2005-12-07 at 23:15 +0100, CLOUD wrote:
Hi.

I search how i can crypt the password of admin and users. I try to find
the good class to change it but without success.
Someone can help me ?

Thanks
Reply | Threaded
Open this post in threaded view
|

Re: Search how to crypt the authentification

Cloud-3

William Cai wrote:

> Usually we calculate MD5 sum of password and store the MD5 sum. Does
> that make sense?
>
> On Wed, 2005-12-07 at 23:15 +0100, CLOUD wrote:
>
>
>>Hi.
>>
>>I search how i can crypt the password of admin and users. I try to
>>find
>>the good class to change it but without success.
>>Someone can help me ?
>>
>>Thanks
>
>
Thanks for your answer.

I don't want the algorithm but the class which stores the pass in the
xml file and the class which auth the user when he wants to modify data,
to add an algorithm.I've tried with the class
org.w3c.jigsaw.auth.AuthUser.java but without success . I thought it can
be :

 /**
     * Get the user password.
     */

    public String getPassword() {
        return (String) getValue(ATTR_PASSWORD, null) ;
    }

    /**
     * Set a new password for this user.
     * @param passwd The new user's password.
     */

    public void setPassword(String passwd) {
        setString(ATTR_PASSWORD, passwd);
    }

but if I change passwd in setPassword()  before the setString, there is
no change...

Thanks for your interest.
                                        Rémi Laurent

Reply | Threaded
Open this post in threaded view
|

RE: Search how to crypt the authentification

Nitesh-2

I don't understand! Where is encryption in the entire deal?

Wait... are you saying that you are trying to encrypt the password in in
setPassword() before setString() & are getting same result when encrypting
different words?

-----Original Message-----
From: [hidden email] [mailto:[hidden email]] On Behalf
Of CLOUD
Sent: Thursday, December 08, 2005 6:22 PM
To: William Cai
Cc: [hidden email]
Subject: Re: Search how to crypt the authentification


William Cai wrote:

> Usually we calculate MD5 sum of password and store the MD5 sum. Does
> that make sense?
>
> On Wed, 2005-12-07 at 23:15 +0100, CLOUD wrote:
>
>
>>Hi.
>>
>>I search how i can crypt the password of admin and users. I try to
>>find
>>the good class to change it but without success.
>>Someone can help me ?
>>
>>Thanks
>
>
Thanks for your answer.

I don't want the algorithm but the class which stores the pass in the
xml file and the class which auth the user when he wants to modify data,
to add an algorithm.I've tried with the class
org.w3c.jigsaw.auth.AuthUser.java but without success . I thought it can
be :

 /**
     * Get the user password.
     */

    public String getPassword() {
        return (String) getValue(ATTR_PASSWORD, null) ;
    }

    /**
     * Set a new password for this user.
     * @param passwd The new user's password.
     */

    public void setPassword(String passwd) {
        setString(ATTR_PASSWORD, passwd);
    }

but if I change passwd in setPassword()  before the setString, there is
no change...

Thanks for your interest.
                                        Rémi Laurent


Reply | Threaded
Open this post in threaded view
|

RE: Search how to crypt the authentification

e.l. seielstad

  I think the original request involves creating a way to encrypt the admin password (and user passwords) stored in the authentication files..

   .../Jigsaw/config/auth/*.db files contain clear-text versions of user names and  passwords for the jigsaw server.

        --erik.
 

Nitesh <[hidden email]> wrote:

I don't understand! Where is encryption in the entire deal?

Wait... are you saying that you are trying to encrypt the password in in
setPassword() before setString() & are getting same result when encrypting
different words?

-----Original Message-----
From: [hidden email] [mailto:[hidden email]] On Behalf
Of CLOUD
Sent: Thursday, December 08, 2005 6:22 PM
To: William Cai
Cc: [hidden email]
Subject: Re: Search how to crypt the authentification


William Cai wrote:

> Usually we calculate MD5 sum of password and store the MD5 sum. Does
> that make sense?
>
> On Wed, 2005-12-07 at 23:15 +0100, CLOUD wrote:
>
>
>>Hi.
>>
>>I search how i can crypt the password of admin and users. I try to
>>find
>>the good class to change it but without success.
>>Someone can help me ?
>>
>>Thanks
>
>
Thanks for your answer.

I don't want the algorithm but the class which stores the pass in the
xml file and the class which auth the user when he wants to modify data,
to add an algorithm.I've tried with the class
org.w3c.jigsaw.auth.AuthUser.java but without success . I thought it can
be :

/**
* Get the user password.
*/

public String getPassword() {
return (String) getValue(ATTR_PASSWORD, null) ;
}

/**
* Set a new password for this user.
* @param passwd The new user's password.
*/

public void setPassword(String passwd) {
setString(ATTR_PASSWORD, passwd);
}

but if I change passwd in setPassword() before the setString, there is
no change...

Thanks for your interest.
R?mi Laurent




Yahoo! Shopping
Find Great Deals on Holiday Gifts at Yahoo! Shopping
Reply | Threaded
Open this post in threaded view
|

Re: Search how to crypt the authentification

Cloud-3

e.l. seielstad wrote:

>     I think the original request involves creating a way to encrypt  the admin password (and user passwords) stored in the authentication  files..
>  
>      .../Jigsaw/config/auth/*.db files contain clear-text  versions of user names and  passwords for the jigsaw server.
>  
>           --erik.
>    
>
> Nitesh <[hidden email]> wrote:  
> I don't understand! Where is encryption in the entire deal?
>
> Wait... are you saying that you are trying to encrypt the password in in
> setPassword() before setString() & are getting same result when encrypting
> different words?
>
> -----Original Message-----
> From: [hidden email] [mailto:[hidden email]] On Behalf
> Of CLOUD
> Sent: Thursday, December 08, 2005 6:22 PM
> To: William Cai
> Cc: [hidden email]
> Subject: Re: Search how to crypt the authentification
>
>
> William Cai wrote:
>
>>Usually we calculate MD5 sum of password and store the MD5 sum. Does
>>that make sense?
>>
>>On Wed, 2005-12-07 at 23:15 +0100, CLOUD wrote:
>>
>>
>>
>>>Hi.
>>>
>>>I search how i can crypt the password of admin and users. I try to
>>>find
>>>the good class to change it but without success.
>>>Someone can help me ?
>>>
>>>Thanks
>>
>>
> Thanks for your answer.
>
> I don't want the algorithm but the class which stores the pass in the
> xml file and the class which auth the user when he wants to modify data,
> to add an algorithm.I've tried with the class
> org.w3c.jigsaw.auth.AuthUser.java but without success . I thought it can
> be :
>
>  /**
>      * Get the user password.
>      */
>
>     public String getPassword() {
>  return (String) getValue(ATTR_PASSWORD, null) ;
>     }
>
>     /**
>      * Set a new password for this user.
>      * @param passwd The new user's password.
>      */
>
>     public void setPassword(String passwd) {
>  setString(ATTR_PASSWORD, passwd);
>     }
>
> but if I change passwd in setPassword()  before the setString, there is
> no change...
>
> Thanks for your interest.
>      Rémi Laurent
>
>
>
>
>
>
> ---------------------------------
> Yahoo! Shopping
>  Find Great Deals on Holiday Gifts at Yahoo! Shopping

Yes erik has understandood my request. I want to encrypt this clear-text
password modifying classes and of course the same thing for the
authentication. But I don't find the classes to do its.

                                                Rémi Laurent

Reply | Threaded
Open this post in threaded view
|

RE: Search how to crypt the authentification

Nitesh-2

I'm not quite sure if I still understand your problem well enough.

Anyway, see if this helps:
http://userpages.umbc.edu/~mabzug1/cs/md5/md5.html

Lastly, I recommend Hashing for passwords used in internet applications!

Let me know if it helps or if you need more related info! Good Luck!

ciao!!!

-nitesh

-----Original Message-----
From: [hidden email] [mailto:[hidden email]] On Behalf
Of CLOUD
Sent: Thursday, December 08, 2005 9:48 PM
To: e.l. seielstad
Cc: [hidden email]
Subject: Re: Search how to crypt the authentification


e.l. seielstad wrote:
>     I think the original request involves creating a way to encrypt  the
admin password (and user passwords) stored in the authentication  files..
>  
>      .../Jigsaw/config/auth/*.db files contain clear-text  versions of
user names and  passwords for the jigsaw server.

>  
>           --erik.
>    
>
> Nitesh <[hidden email]> wrote:  
> I don't understand! Where is encryption in the entire deal?
>
> Wait... are you saying that you are trying to encrypt the password in in
> setPassword() before setString() & are getting same result when encrypting
> different words?
>
> -----Original Message-----
> From: [hidden email] [mailto:[hidden email]] On
Behalf

> Of CLOUD
> Sent: Thursday, December 08, 2005 6:22 PM
> To: William Cai
> Cc: [hidden email]
> Subject: Re: Search how to crypt the authentification
>
>
> William Cai wrote:
>
>>Usually we calculate MD5 sum of password and store the MD5 sum. Does
>>that make sense?
>>
>>On Wed, 2005-12-07 at 23:15 +0100, CLOUD wrote:
>>
>>
>>
>>>Hi.
>>>
>>>I search how i can crypt the password of admin and users. I try to
>>>find
>>>the good class to change it but without success.
>>>Someone can help me ?
>>>
>>>Thanks
>>
>>
> Thanks for your answer.
>
> I don't want the algorithm but the class which stores the pass in the
> xml file and the class which auth the user when he wants to modify data,
> to add an algorithm.I've tried with the class
> org.w3c.jigsaw.auth.AuthUser.java but without success . I thought it can
> be :
>
>  /**
>      * Get the user password.
>      */
>
>     public String getPassword() {
>  return (String) getValue(ATTR_PASSWORD, null) ;
>     }
>
>     /**
>      * Set a new password for this user.
>      * @param passwd The new user's password.
>      */
>
>     public void setPassword(String passwd) {
>  setString(ATTR_PASSWORD, passwd);
>     }
>
> but if I change passwd in setPassword()  before the setString, there is
> no change...
>
> Thanks for your interest.
>      Rémi Laurent
>
>
>
>
>
>
> ---------------------------------
> Yahoo! Shopping
>  Find Great Deals on Holiday Gifts at Yahoo! Shopping

Yes erik has understandood my request. I want to encrypt this clear-text
password modifying classes and of course the same thing for the
authentication. But I don't find the classes to do its.

                                                Rémi Laurent


Reply | Threaded
Open this post in threaded view
|

Re: Search how to crypt the authentification

Cloud-3

Nitesh wrote:

> I'm not quite sure if I still understand your problem well enough.
>
> Anyway, see if this helps:
> http://userpages.umbc.edu/~mabzug1/cs/md5/md5.html
>
> Lastly, I recommend Hashing for passwords used in internet applications!
>
> Let me know if it helps or if you need more related info! Good Luck!
>
> ciao!!!
>
> -nitesh
>
> -----Original Message-----
> From: [hidden email] [mailto:[hidden email]] On Behalf
> Of CLOUD
> Sent: Thursday, December 08, 2005 9:48 PM
> To: e.l. seielstad
> Cc: [hidden email]
> Subject: Re: Search how to crypt the authentification
>
>
> e.l. seielstad wrote:
>
>>    I think the original request involves creating a way to encrypt  the
>
> admin password (and user passwords) stored in the authentication  files..
>
>>  
>>     .../Jigsaw/config/auth/*.db files contain clear-text  versions of
>
> user names and  passwords for the jigsaw server.
>
>>  
>>          --erik.
>>    
>>
>>Nitesh <[hidden email]> wrote:  
>>I don't understand! Where is encryption in the entire deal?
>>
>>Wait... are you saying that you are trying to encrypt the password in in
>>setPassword() before setString() & are getting same result when encrypting
>>different words?
>>
>>-----Original Message-----
>>From: [hidden email] [mailto:[hidden email]] On
>
> Behalf
>
>>Of CLOUD
>>Sent: Thursday, December 08, 2005 6:22 PM
>>To: William Cai
>>Cc: [hidden email]
>>Subject: Re: Search how to crypt the authentification
>>
>>
>>William Cai wrote:
>>
>>
>>>Usually we calculate MD5 sum of password and store the MD5 sum. Does
>>>that make sense?
>>>
>>>On Wed, 2005-12-07 at 23:15 +0100, CLOUD wrote:
>>>
>>>
>>>
>>>
>>>>Hi.
>>>>
>>>>I search how i can crypt the password of admin and users. I try to
>>>>find
>>>>the good class to change it but without success.
>>>>Someone can help me ?
>>>>
>>>>Thanks
>>>
>>>
>>Thanks for your answer.
>>
>>I don't want the algorithm but the class which stores the pass in the
>>xml file and the class which auth the user when he wants to modify data,
>>to add an algorithm.I've tried with the class
>>org.w3c.jigsaw.auth.AuthUser.java but without success . I thought it can
>>be :
>>
>> /**
>>     * Get the user password.
>>     */
>>
>>    public String getPassword() {
>> return (String) getValue(ATTR_PASSWORD, null) ;
>>    }
>>
>>    /**
>>     * Set a new password for this user.
>>     * @param passwd The new user's password.
>>     */
>>
>>    public void setPassword(String passwd) {
>> setString(ATTR_PASSWORD, passwd);
>>    }
>>
>>but if I change passwd in setPassword()  before the setString, there is
>>no change...
>>
>>Thanks for your interest.
>>     Rémi Laurent
>>
>>
>>
>>
>>
>>
>>---------------------------------
>>Yahoo! Shopping
>> Find Great Deals on Holiday Gifts at Yahoo! Shopping
>
>
> Yes erik has understandood my request. I want to encrypt this clear-text
> password modifying classes and of course the same thing for the
> authentication. But I don't find the classes to do its.
>
> Rémi Laurent
>
>
>
        My problem is not to choose the best algorithm but how apply it. I know
the Md5 class. It's just an algorithm like CRC32 or Base64 to crypt.
I'm student in security and I must apply one of this algorithm to the
user passwords of jigsaw which are write in clear-text and which
circulate clearly on the network.
        That's why I search the classes used when we add a user and when a user
need to be auth to crypt the password at this time with an easy
algorith. The goal is just to find the class to modify and how modify it
and not to choose the best algorithm to crypt the password.

Sorry if I don't explain very well my problem but thanks for your help.

Reply | Threaded
Open this post in threaded view
|

RE: Search how to crypt the authentification

Yves Lafon
In reply to this post by Nitesh-2

On Thu, 8 Dec 2005, Nitesh wrote:

>
> I'm not quite sure if I still understand your problem well enough.
>
> Anyway, see if this helps:
> http://userpages.umbc.edu/~mabzug1/cs/md5/md5.html
>
> Lastly, I recommend Hashing for passwords used in internet applications!
>
> Let me know if it helps or if you need more related info! Good Luck!

Bear in mind that Basic auth in HTTP use login password in clear text
(well, base64 encoded for that matters but still), in that case it is easy
to store locally in md5 but as all that is required is to sniff the
network...
For Digest auth, a part of the hash requires the passwd in clear text on
both side
A1       = unq(username-value) ":" unq(realm-value) ":" passwd

> -----Original Message-----
> From: [hidden email] [mailto:[hidden email]] On Behalf
> Of CLOUD
> Sent: Thursday, December 08, 2005 9:48 PM
> To: e.l. seielstad
> Cc: [hidden email]
> Subject: Re: Search how to crypt the authentification
>
>
> e.l. seielstad wrote:
>>     I think the original request involves creating a way to encrypt  the
> admin password (and user passwords) stored in the authentication  files..
>>
>>      .../Jigsaw/config/auth/*.db files contain clear-text  versions of
> user names and  passwords for the jigsaw server.
>>
>>           --erik.
>>
>>
>> Nitesh <[hidden email]> wrote:
>> I don't understand! Where is encryption in the entire deal?
>>
>> Wait... are you saying that you are trying to encrypt the password in in
>> setPassword() before setString() & are getting same result when encrypting
>> different words?
>>
>> -----Original Message-----
>> From: [hidden email] [mailto:[hidden email]] On
> Behalf
>> Of CLOUD
>> Sent: Thursday, December 08, 2005 6:22 PM
>> To: William Cai
>> Cc: [hidden email]
>> Subject: Re: Search how to crypt the authentification
>>
>>
>> William Cai wrote:
>>
>>> Usually we calculate MD5 sum of password and store the MD5 sum. Does
>>> that make sense?
>>>
>>> On Wed, 2005-12-07 at 23:15 +0100, CLOUD wrote:
>>>
>>>
>>>
>>>> Hi.
>>>>
>>>> I search how i can crypt the password of admin and users. I try to
>>>> find
>>>> the good class to change it but without success.
>>>> Someone can help me ?
>>>>
>>>> Thanks
>>>
>>>
>> Thanks for your answer.
>>
>> I don't want the algorithm but the class which stores the pass in the
>> xml file and the class which auth the user when he wants to modify data,
>> to add an algorithm.I've tried with the class
>> org.w3c.jigsaw.auth.AuthUser.java but without success . I thought it can
>> be :
>>
>>  /**
>>      * Get the user password.
>>      */
>>
>>     public String getPassword() {
>>  return (String) getValue(ATTR_PASSWORD, null) ;
>>     }
>>
>>     /**
>>      * Set a new password for this user.
>>      * @param passwd The new user's password.
>>      */
>>
>>     public void setPassword(String passwd) {
>>  setString(ATTR_PASSWORD, passwd);
>>     }
>>
>> but if I change passwd in setPassword()  before the setString, there is
>> no change...
>>
>> Thanks for your interest.
>>      Rémi Laurent
>>
>>
>>
>>
>>
>>
>> ---------------------------------
>> Yahoo! Shopping
>>  Find Great Deals on Holiday Gifts at Yahoo! Shopping
>
> Yes erik has understandood my request. I want to encrypt this clear-text
> password modifying classes and of course the same thing for the
> authentication. But I don't find the classes to do its.
>
> Rémi Laurent
>
>
>

--
Yves Lafon - W3C
"Baroula que barouleras, au tiéu toujou t'entourneras."

Reply | Threaded
Open this post in threaded view
|

Re: Search how to crypt the authentification

Cloud-3

Thank you for your help.

Yves Lafon wrote:

>
> On Thu, 8 Dec 2005, Nitesh wrote:
>
>>
>> I'm not quite sure if I still understand your problem well enough.
>>
>> Anyway, see if this helps:
>> http://userpages.umbc.edu/~mabzug1/cs/md5/md5.html
>>
>> Lastly, I recommend Hashing for passwords used in internet applications!
>>
>> Let me know if it helps or if you need more related info! Good Luck!
>
>
> Bear in mind that Basic auth in HTTP use login password in clear text
> (well, base64 encoded for that matters but still), in that case it is
> easy to store locally in md5 but as all that is required is to sniff the
> network...
> For Digest auth, a part of the hash requires the passwd in clear text on
> both side
> A1       = unq(username-value) ":" unq(realm-value) ":" passwd
>
>> -----Original Message-----
>> From: [hidden email] [mailto:[hidden email]] On
>> Behalf
>> Of CLOUD
>> Sent: Thursday, December 08, 2005 9:48 PM
>> To: e.l. seielstad
>> Cc: [hidden email]
>> Subject: Re: Search how to crypt the authentification
>>
>>
>> e.l. seielstad wrote:
>>
>>>     I think the original request involves creating a way to encrypt  the
>>
>> admin password (and user passwords) stored in the authentication  files..
>>
>>>
>>>      .../Jigsaw/config/auth/*.db files contain clear-text  versions of
>>
>> user names and  passwords for the jigsaw server.
>>
>>>
>>>           --erik.
>>>
>>>
>>> Nitesh <[hidden email]> wrote:
>>> I don't understand! Where is encryption in the entire deal?
>>>
>>> Wait... are you saying that you are trying to encrypt the password in in
>>> setPassword() before setString() & are getting same result when
>>> encrypting
>>> different words?
>>>
>>> -----Original Message-----
>>> From: [hidden email] [mailto:[hidden email]] On
>>
>> Behalf
>>
>>> Of CLOUD
>>> Sent: Thursday, December 08, 2005 6:22 PM
>>> To: William Cai
>>> Cc: [hidden email]
>>> Subject: Re: Search how to crypt the authentification
>>>
>>>
>>> William Cai wrote:
>>>
>>>> Usually we calculate MD5 sum of password and store the MD5 sum. Does
>>>> that make sense?
>>>>
>>>> On Wed, 2005-12-07 at 23:15 +0100, CLOUD wrote:
>>>>
>>>>
>>>>
>>>>> Hi.
>>>>>
>>>>> I search how i can crypt the password of admin and users. I try to
>>>>> find
>>>>> the good class to change it but without success.
>>>>> Someone can help me ?
>>>>>
>>>>> Thanks
>>>>
>>>>
>>>>
>>> Thanks for your answer.
>>>
>>> I don't want the algorithm but the class which stores the pass in the
>>> xml file and the class which auth the user when he wants to modify data,
>>> to add an algorithm.I've tried with the class
>>> org.w3c.jigsaw.auth.AuthUser.java but without success . I thought it can
>>> be :
>>>
>>>  /**
>>>      * Get the user password.
>>>      */
>>>
>>>     public String getPassword() {
>>>  return (String) getValue(ATTR_PASSWORD, null) ;
>>>     }
>>>
>>>     /**
>>>      * Set a new password for this user.
>>>      * @param passwd The new user's password.
>>>      */
>>>
>>>     public void setPassword(String passwd) {
>>>  setString(ATTR_PASSWORD, passwd);
>>>     }
>>>
>>> but if I change passwd in setPassword()  before the setString, there is
>>> no change...
>>>
>>> Thanks for your interest.
>>>      Rémi Laurent
>>>
>>>
>>>
>>>
>>>
>>>
>>> ---------------------------------
>>> Yahoo! Shopping
>>>  Find Great Deals on Holiday Gifts at Yahoo! Shopping
>>
>>
>> Yes erik has understandood my request. I want to encrypt this clear-text
>> password modifying classes and of course the same thing for the
>> authentication. But I don't find the classes to do its.
>>
>>                         Rémi Laurent
>>
>>
>>
>


Reply | Threaded
Open this post in threaded view
|

Re: Search how to crypt the authentification

Cloud-3
In reply to this post by Yves Lafon

Thanks, first I'm going to work to a SSL connection and after if I have
time I'm trying to crypt pass in the text files but in fact it's not the
principal matter.
                                        Rémi Laurent.

Yves Lafon wrote:

>
> On Thu, 8 Dec 2005, Nitesh wrote:
>
>>
>> I'm not quite sure if I still understand your problem well enough.
>>
>> Anyway, see if this helps:
>> http://userpages.umbc.edu/~mabzug1/cs/md5/md5.html
>>
>> Lastly, I recommend Hashing for passwords used in internet applications!
>>
>> Let me know if it helps or if you need more related info! Good Luck!
>
>
> Bear in mind that Basic auth in HTTP use login password in clear text
> (well, base64 encoded for that matters but still), in that case it is
> easy to store locally in md5 but as all that is required is to sniff the
> network...
> For Digest auth, a part of the hash requires the passwd in clear text on
> both side
> A1       = unq(username-value) ":" unq(realm-value) ":" passwd
>
>> -----Original Message-----
>> From: [hidden email] [mailto:[hidden email]] On
>> Behalf
>> Of CLOUD
>> Sent: Thursday, December 08, 2005 9:48 PM
>> To: e.l. seielstad
>> Cc: [hidden email]
>> Subject: Re: Search how to crypt the authentification
>>
>>
>> e.l. seielstad wrote:
>>
>>>     I think the original request involves creating a way to encrypt  the
>>
>> admin password (and user passwords) stored in the authentication  files..
>>
>>>
>>>      .../Jigsaw/config/auth/*.db files contain clear-text  versions of
>>
>> user names and  passwords for the jigsaw server.
>>
>>>
>>>           --erik.
>>>
>>>
>>> Nitesh <[hidden email]> wrote:
>>> I don't understand! Where is encryption in the entire deal?
>>>
>>> Wait... are you saying that you are trying to encrypt the password in in
>>> setPassword() before setString() & are getting same result when
>>> encrypting
>>> different words?
>>>
>>> -----Original Message-----
>>> From: [hidden email] [mailto:[hidden email]] On
>>
>> Behalf
>>
>>> Of CLOUD
>>> Sent: Thursday, December 08, 2005 6:22 PM
>>> To: William Cai
>>> Cc: [hidden email]
>>> Subject: Re: Search how to crypt the authentification
>>>
>>>
>>> William Cai wrote:
>>>
>>>> Usually we calculate MD5 sum of password and store the MD5 sum. Does
>>>> that make sense?
>>>>
>>>> On Wed, 2005-12-07 at 23:15 +0100, CLOUD wrote:
>>>>
>>>>
>>>>
>>>>> Hi.
>>>>>
>>>>> I search how i can crypt the password of admin and users. I try to
>>>>> find
>>>>> the good class to change it but without success.
>>>>> Someone can help me ?
>>>>>
>>>>> Thanks
>>>>
>>>>
>>>>
>>> Thanks for your answer.
>>>
>>> I don't want the algorithm but the class which stores the pass in the
>>> xml file and the class which auth the user when he wants to modify data,
>>> to add an algorithm.I've tried with the class
>>> org.w3c.jigsaw.auth.AuthUser.java but without success . I thought it can
>>> be :
>>>
>>>  /**
>>>      * Get the user password.
>>>      */
>>>
>>>     public String getPassword() {
>>>  return (String) getValue(ATTR_PASSWORD, null) ;
>>>     }
>>>
>>>     /**
>>>      * Set a new password for this user.
>>>      * @param passwd The new user's password.
>>>      */
>>>
>>>     public void setPassword(String passwd) {
>>>  setString(ATTR_PASSWORD, passwd);
>>>     }
>>>
>>> but if I change passwd in setPassword()  before the setString, there is
>>> no change...
>>>
>>> Thanks for your interest.
>>>      Rémi Laurent
>>>
>>>
>>>
>>>
>>>
>>>
>>> ---------------------------------
>>> Yahoo! Shopping
>>>  Find Great Deals on Holiday Gifts at Yahoo! Shopping
>>
>>
>> Yes erik has understandood my request. I want to encrypt this clear-text
>> password modifying classes and of course the same thing for the
>> authentication. But I don't find the classes to do its.
>>
>>                         Rémi Laurent
>>
>>
>>
>