how to generate a hash like apache's htpasswd using java

views:

333

answers:

how to generate a hash like apache's htpasswd using java

i use "Force MD5 encryption of the password" in htpasswd to generate a hash for instance '123' i get:

use htpasswd: 123 => $apr1$kaTbKaLO$ewJXRZAKpjaxK4thy2jOp/

use MD5 digest: 123 => 202cb962ac59075b964b07152d234b70

please tell me how can i generate a hash like the apache htpasswd using java Thanks.

+1 A:

http://www.anyexample.com/programming/java/java_simple_class_to_compute_md5_hash.xml

c0mrade 2010-03-18 10:58:43

yes, i used MD5 digest but the result is different with htpasswd's result

robinmag 2010-03-18 12:06:10

@robinmag: You need to salt and use md5 1000 times -- see my answer.

Josh 2010-03-18 16:00:03

+1 A:

Passwords in Apache .htpasswd files are encoded using a salt. If you want to generate these passwords using Java you'll need to do the same. This site has an explanation of the salt/hashing algorithm used for Apache's .htpasswd files; I am looking for an actual algorithm you could use and will edit my answer after I find one.

EDIT: Looks like it's been asked before, right here on SO:

http://stackoverflow.com/questions/39916/programmaticly-building-htpasswd

Here's the documentation from Apache, along with their source code:

http://httpd.apache.org/docs/2.2/misc/password_encryptions.html

http://svn.apache.org/viewvc/apr/apr-util/branches/1.3.x/crypto/apr_md5.c?view=co

Josh 2010-03-18 12:22:12

ansaurus

tags:

views:

answers:

how to generate a hash like apache's htpasswd using java

related questions