[jdev] MD5 auth problem
Ulrich Staudinger
us at activestocks.de
Thu May 25 04:12:33 CDT 2006
Norman Rasmussen schrieb:
> On 5/25/06, Ulrich Staudinger <us at activestocks.de> wrote:
>
>> has someone a good solution how to reuse an existing community site with
>> md5'd passwords with a jabber server? Only plain passwords can be
>> accepted by the jabber server, which can be checked against the md5'd
>> passwords from the existing community, but digest login for example, is
>> not possible.
>
> correct, there's no way to use the md5 hashed passwords for non-plain
> sasl auths at-the-moment.
>
>> Any solution ?
>
> use plain, force tls/ssl?
>
>> Do we need a new authentication mechanism ? :-)
>
> some sort of non-challenge md5? that would be just as secure as plain.
>
Actually i thought more about something like:
md5( md5(password) + sid )
-------------- next part --------------
A non-text attachment was scrubbed...
Name: us.vcf
Type: text/x-vcard
Size: 329 bytes
Desc: not available
URL: <https://www.jabber.org/jdev/attachments/20060525/e69a25c9/attachment-0002.vcf>
More information about the JDev
mailing list