tags:

views:

140

answers:

1
+1  Q: 

Encrypting SALTEDHASHED weblogic password in java

How to encrypt SALTEDHASHED password (used by Weblogic) in java?

I need to be able to hash passwords in exactly the same way as WebLogic's authenticator does. Preferably without using WebLogic's library.

30 minutes later.. I've read some documentation and if I don't know the value of the salt I can't encrypt the password in the same way of weblogic.

So, the new question is: where weblogic stores the value of the salt? It's unique for each password or it associated one to one?

Thanks

+2  A: 

Where does weblogic stores the value of the salt? It's unique for each password or it associated one to one?

The value of the salt is stored in SerializedSystemIni.dat, the domain's password salt file. The salt is unique for each encrypted password. You should use weblogic.security.Encrypt...

Pascal Thivent  2009-11-26 14:11:05
We have deployed the application that checks user's credentials on a weblogic server and then we call the authenticate method of a class in the weblogic.lib!That's works... :|
Frengo  2009-11-27 17:00:14
Not sure I get your comment. Maybe I missed something in the original question...
Pascal Thivent  2009-11-27 17:43:25

related questions

How to implement password protection for individual files?
Encrypting appSettings in web.config
Usefulness of SQL Server "with encryption" statement
How can I use a key blob generated from Win32 CryptoAPI in my .NET application?
CodeReview: Tiny Encryption Algorithm for arbitrary sized data
Simple encryption implementation in C
Which hard disk encryption software to choose?
Passing untampered data from Flash app to server?
How do I prevent replay attacks?
Is there a best .NET algorithm for credit card encryption?
Encrypt data from users in web applications
How to encrypt one message for multiple recipients?
Two-way password encryption without ssl
What's the answer to this Microsoft PDC challenge?
GPG: How does key signing work and how is it done?
Secure Online Highscore Lists for Non-Web Games
Programmatically encrypting a config-file in .NET
How do I use 3des encryption/decryption in Java?
Encryption in C# Web-Services
Suitable alternative to CryptEncrypt
Can a proxy server cache SSL GETs? If not, would response body encryption suffice?
C# - CryptographicException: Padding is invalid and cannot be removed
How can I encode xml files to xfdl (base64-gzip)?
How do I add SSL to a .net application that uses httplistener - it will *not* be running on IIS
Encrypting Passwords