Re: [Newbie] MySQL "PASSWORD" in WO?
Re: [Newbie] MySQL "PASSWORD" in WO?
- Subject: Re: [Newbie] MySQL "PASSWORD" in WO?
- From: Arturo PĂ©rez <email@hidden>
- Date: Fri, 30 Apr 2004 19:14:13 -0400
On Apr 30, 2004, at 3:56 PM, Lucas Haley wrote:
Heya all!
So, once again, I'm coming from a PHP background. When creating logins
and members, I have used the MySQL method PASSWORD() to encrypt the
passwords in the database. Is there a convenient way of doing this in
WO? I've tried making a FetchSpecification in EOModeler, but had to
end up using the raw SQL panel to add the PASSWORD() call.
Thanks for any help!
-Lucas
ps. I think I'm starting to "get" WebObjects. And its looking goooood.
Java has a ton of stuff for this, it's not strictly a WO/EOF thing.
The fundamental question is whether you need one way or two way
encryption. One way means that you don't care ever to know what the
password is (this is the best option from a security point of view).
In this case you do
static MessageDigest encrypter;
public void initializeEncryption() throws
java.security.NoSuchAlgorithmException
try {
encrypter = MessageDigest.getInstance("SHA1");
} catch (java.security.NoSuchAlgorithmException nsae) {
NSLog.err.appendln("could not instantiate SHA1");
NSLog.err.appendln(nsae.toString());
throw nsae;
}
public String encodePassword(String pw) {
byte[] encPass = encrypter.digest(pw.getBytes());
return new String(Base64.encode(encPass)); // base64 found on
the net.
}
Two-way is vastly (well, somewhat) more complicated and not worth the
trouble.
----
WO in philadelphia - wanna cheesesteak with that?
Please visit webobjects.meetup.com.
_______________________________________________
webobjects-dev mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/webobjects-dev
Do not post admin requests to the list. They will be ignored.