Hi!
I need register and authorize users more then one program. I’m create system, who include several components and I need unitary authorization. One of the components is BO WI. I want create authorization system based on BO repository. Anybody know, how I can get the password text from BO user register? What algorithm use BO to encode password text? May be exist some functions, who code and encode password text?
mareks
Listserv Archives (BOB member since 2002-06-25)
In a message dated 00-03-17 07:25:29 EST, you write:
Anybody know, how I can get the password text from BO user
register? What algorithm use BO to encode password text? May be exist some functions, who code and encode password text?
The password is there, and it is encoded.
As far as decoding the password, you may be out of luck. Most (good) secure systems use a one-way function for encoding encrypted information. In other words, you can put something in, but you cannot get it out again. Have you ever had a sys-admin tell you something like, “I can’t tell you what your old password was, but I can give you a new one?” That’s because there is no “decode” function.
The way the login process works is this:
What is a one way function? Technically speaking, it is a function that has no inverse. For example, the inverse of the square function is the square root. Taking the square of a square root returns the original value. There are more esoteric functions that do not have an inverse; these are typically used in encryption routines for passwords for this reason. Obviously for data encryption (like DES, where someone will eventually want to decrypt the data) these functions cannot be used.
As for the actual location of the encrypted string, you will find that in the OBJ_M_ACTOR table in the security domain, in the table column M_ACTOR_C_PASSWORD.
Regards,
Dave Rathbun
Integra Solutions
www.islink.com
Listserv Archives (BOB member since 2002-06-25)