Hi,
I see that the admin user has the password set as "enc:*****..."
What type of hash is that? Is it possible to reproduce it through php?
Also, is their any difference between the admin user and users added after the install, in terms of the password hash?
I see that a second user I have created has a short hash length.
Thanks,
Enc the password for user
Moderator: moderators
6 posts
• Page 1 of 1
Enc the password for user
by wuhaa » Thu Aug 27, 2009 8:55 pm
- wuhaa
- Posts: 14
- Joined: Mon Jul 20, 2009 5:45 pm
by wuhaa » Fri Aug 28, 2009 3:16 am
I have downloaded the source of subsonic. in order to try to figure this out. In the UserDao.Java file, the following function encodes the password string:
Basically I need to reset the password every night for a bunch of users on subsonic. So I have put together a little curl script that will attempt to change the passwords through http://hostname/subsonic/db.view.
Now, the problem is that I don't know what function is needed to create a hash to insert into the user table?!
- Code: Select all
return "enc:" + StringUtil.utf8HexEncode(s);
Basically I need to reset the password every night for a bunch of users on subsonic. So I have put together a little curl script that will attempt to change the passwords through http://hostname/subsonic/db.view.
Now, the problem is that I don't know what function is needed to create a hash to insert into the user table?!
- wuhaa
- Posts: 14
- Joined: Mon Jul 20, 2009 5:45 pm
by wuhaa » Fri Aug 28, 2009 3:27 am
Ok so the StringUtil.java file has these 2 functions used in the password hashing:
If someone can translate these functions over to php syntax, I would greatly appreciate it...
- Code: Select all
public static String utf8HexEncode(String s) throws Exception {
if (s == null) {
return null;
}
byte[] utf8 = s.getBytes(ENCODING_UTF8);
return String.valueOf(Hex.encodeHex(utf8));
}
public static String utf8HexDecode(String s) throws Exception {
if (s == null) {
return null;
}
return new String(Hex.decodeHex(s.toCharArray()), ENCODING_UTF8);
}
If someone can translate these functions over to php syntax, I would greatly appreciate it...
- wuhaa
- Posts: 14
- Joined: Mon Jul 20, 2009 5:45 pm
by deriksen » Fri Aug 28, 2009 6:28 am
Just a naive question here, but instead of having to reset a whole bunch of user passwords (I'm not even going to ask why you're doing that 
), why not just distribute a guest user and reset that user's password however often you choose?
/D
), why not just distribute a guest user and reset that user's password however often you choose?
/D
- deriksen
- Posts: 108
- Joined: Mon Jan 19, 2009 7:31 am
- Location: Kristiansand, Norway
by wuhaa » Fri Aug 28, 2009 3:03 pm
deriksen wrote:Just a naive question here, but instead of having to reset a whole bunch of user passwords (I'm not even going to ask why you're doing that
/D
I should be more clear about that. I have 15 virtual machines running subsonic. Its annoying to change passwords on all the different machines. The number of my VMs will grow in the future. Thats the reason that I have also made the curl script. I would like to automate this whole process...
Hope that helps.
- wuhaa
- Posts: 14
- Joined: Mon Jul 20, 2009 5:45 pm
by wuhaa » Fri Aug 28, 2009 5:51 pm
If anyone needs to do this, here is the php equivalent:
- Code: Select all
<?php
# Source: http://stackoverflow.com/questions/885597/string-to-byte-array-in-php
function HexEncode ($string)
{
$hex_ary = array();
foreach (str_split($string) as $chr)
{
$hex_ary[] = sprintf("%02X", ord($chr));
}
return implode('',$hex_ary);
}
?>
- wuhaa
- Posts: 14
- Joined: Mon Jul 20, 2009 5:45 pm
6 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 9 guests