PHP生成SSHA密码函数
<?php
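/**
 * Build an LDAP-style {SSHA} (salted SHA-1) password value.
 *
 * Layout of the result: "{SSHA}" . base64( sha1($text . $salt, raw) . $salt ),
 * where $salt is 10 lowercase hexadecimal characters. This is the layout that
 * ssha_isvalidate() in this file parses.
 *
 * Salted SHA-1 is a fast hash, so it gives little protection against offline
 * guessing if the stored value leaks. Use it only where the {SSHA} format is
 * required for directory interoperability; where the format is not fixed,
 * password_hash()/password_verify() are the better choice.
 *
 * @param string $text Clear-text password.
 * @return string The "{SSHA}..." value to store.
 * @throws Exception If random_bytes() cannot obtain secure randomness.
 */
function ssha_encode($text) {
    // 5 bytes from the CSPRNG -> 10 hex characters. The original appended to an
    // uninitialised $salt and drew the characters from rand(), which is not a
    // cryptographically secure generator.
    $salt = bin2hex(random_bytes(5));

    // sha1(..., true) yields the 20 raw digest bytes directly, which is what
    // pack("H*", sha1(...)) produced.
    $digest = sha1($text . $salt, true);

    return '{SSHA}' . base64_encode($digest . $salt);
}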
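/**
 * Check a clear-text password against a stored {SSHA} value.
 *
 * The stored value is "{SSHA}" . base64( digest . salt ), where digest is the
 * 20-byte raw SHA-1 of (password . salt). Everything after the first 20
 * decoded bytes is treated as the salt, so both the 10-character salts that
 * ssha_encode() writes and salts of other lengths are accepted.
 *
 * @param string $text     Clear-text password supplied by the user.
 * @param string $password Stored "{SSHA}..." value.
 * @return bool True only when $text reproduces the stored value exactly.
 */
function ssha_isvalidate($text, $password) {
    $prefix = '{SSHA}';

    // Anything that is not a string carrying the scheme prefix cannot match.
    if (!is_string($password) || strncmp($password, $prefix, strlen($prefix)) !== 0) {
        return false;
    }

    // Strict decoding rejects characters outside the base64 alphabet instead of
    // silently skipping them.
    $raw = base64_decode(substr($password, strlen($prefix)), true);

    // A usable value holds the 20-byte digest plus at least one salt byte.
    if ($raw === false || strlen($raw) <= 20) {
        return false;
    }

    $salt = substr($raw, 20);
    $expected = $prefix . base64_encode(sha1($text . $salt, true) . $salt);

    // Constant-time comparison: == returns at the first differing byte, so its
    // timing depends on how much of the value matched.
    return hash_equals($expected, $password);
}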
// Demo: hash a sample password once, then test a matching and a
// non-matching candidate against the stored value.
$data = ssha_encode('123456');
foreach (array('123456', '1') as $candidate) {
    // Dumps bool(true) for the matching candidate, bool(false) for the other.
    var_dump(ssha_isvalidate($candidate, $data));
}
?>
java连接LDAP代码
package ldap.test;
import java.util.Hashtable;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
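/**
 * Minimal JNDI example that verifies a user's password by performing an LDAP
 * simple bind as that user.
 *
 * Flow: open a context without credentials, then set the user's DN and
 * password on it and call reconnect(), which re-binds with those credentials.
 * A successful re-bind means the password is correct.
 */
public class ldap {
    // NOTE(review): this is plain ldap:// on port 389 and the bind below is a
    // "simple" bind, so the password travels without transport encryption.
    // Use ldaps:// or StartTLS in any real deployment.
    private String URL = "ldap://mydomain.com:389/";
    // NOTE(review): this base DN (dc=website80) differs from the suffix that
    // authenricate() hard-codes (dc=domain) - confirm which one is intended.
    private String BASEDN = "ou=People,dc=website80,dc=com";
    private String FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";
    private LdapContext ctx = null;
    private Hashtable<String, Object> env = null;
    private Control[] connCtls = null;

    /**
     * Opens the initial context and stores it in {@code ctx}.
     * On any failure {@code ctx} is left null so the caller can detect it.
     */
    private void LDAP_connect() {
        // Drop any context left over from an earlier call so that a failed
        // connect can never be mistaken for a live connection.
        ctx = null;
        env = new Hashtable<String, Object>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, FACTORY);
        env.put(Context.PROVIDER_URL, URL + BASEDN); // LDAP server
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        try {
            ctx = new InitialLdapContext(env, connCtls);
        } catch (javax.naming.AuthenticationException e) {
            System.out.println("Authentication faild: " + e.toString());
        } catch (Exception e) {
            System.out.println("Something wrong while authenticating: " + e.toString());
        }
    }

    /**
     * Checks a user id / password pair against the directory.
     *
     * @param ID       value of the user's uid attribute
     * @param password clear-text password to verify
     * @return true only if the directory accepted a bind with these credentials
     */
    public boolean authenricate(String ID, String password) {
        // A simple bind with an empty password is an "unauthenticated bind"
        // (RFC 4513) which many servers report as success, so it must never be
        // treated as proof of identity. Reject it before talking to the server.
        if (ID == null || ID.isEmpty() || password == null || password.isEmpty()) {
            System.out.println("Empty user id or password is not authenticated");
            return false;
        }

        // Escape the id before placing it in the DN: characters such as ',' '+'
        // or '=' would otherwise change which entry the bind is attempted as.
        String userDN = String.format("uid=%s,ou=People,dc=domain,dc=com",
                javax.naming.ldap.Rdn.escapeValue(ID));

        LDAP_connect();
        if (ctx == null) {
            // Connecting failed; LDAP_connect() has already printed the reason.
            System.out.println(userDN + " is not authenticated");
            return false;
        }

        boolean valide = false;
        try {
            ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, userDN);
            ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
            ctx.reconnect(connCtls);
            System.out.println(userDN + " is authenticated");
            valide = true;
        } catch (AuthenticationException e) {
            System.out.println(userDN + " is not authenticated");
            System.out.println(e.toString());
            valide = false;
        } catch (NamingException e) {
            System.out.println(userDN + " is not authenticated");
            valide = false;
        } finally {
            // Release the connection on every path; the original never closed it.
            try {
                ctx.close();
            } catch (NamingException e) {
                // Nothing useful can be done if closing fails.
            }
            ctx = null;
        }
        return valide;
    }

    /** Demo entry point: prints the result of one authentication attempt. */
    public static void main(String[] args) throws Exception {
        ldap l = new ldap();
        System.out.println(l.authenricate("username", "123456"));
    }
}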
Python 验证密码是否正确
yum install python-ldap
import ldap
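# Placeholder path - point this at the CA certificate that signed the LDAP
# server's certificate.
CA_CERT_FILE = "/path/to/ca-certificate.pem"

# Require a valid server certificate. The original set OPT_X_TLS_NEVER, which
# skips certificate checking entirely: the ldaps:// session is then encrypted
# but the server is not authenticated, so the bind password can be captured by
# whoever answers on that address.
# NOTE(review): the server is addressed by IP below, so its certificate has to
# carry that IP as a subject alternative name, or the URI should use the
# hostname the certificate was issued for.
ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_DEMAND)
ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, CA_CERT_FILE)

l = ldap.initialize("ldaps://10.8.96.117:636")
l.set_option(ldap.OPT_REFERRALS, 0)
l.set_option(ldap.OPT_PROTOCOL_VERSION, 3)
# Kept from the original. NOTE(review): with an ldaps:// URI TLS is already
# implied - confirm this option is still needed.
l.set_option(ldap.OPT_X_TLS, ldap.OPT_X_TLS_DEMAND)
# The original also called set_option(ldap.OPT_X_TLS_DEMAND, True); that
# constant is an option *value*, not an option key, so the call is dropped.
# Debug level lowered from 255: full library tracing goes to stderr and can put
# bind traffic into logs.
l.set_option(ldap.OPT_DEBUG_LEVEL, 0)


def check_password(conn, user_dn, password):
    """Return True if the directory accepts a simple bind as user_dn."""
    # An empty password turns the request into an unauthenticated bind, which
    # many servers report as success - never treat that as a valid login.
    if not password:
        return False
    try:
        conn.simple_bind_s(user_dn, password)
    except ldap.INVALID_CREDENTIALS:
        # Wrong password: report it instead of ending the script with a traceback.
        return False
    return True


print(check_password(l, 'uid=username,ou=People,dc=domain,dc=com', '123456'))  # verification succeeds
print(check_password(l, 'uid=username,ou=People,dc=domain,dc=com', '1234567'))  # verification fails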