| Table of Contents |
|---|
Description
描述
- 用于JSON API身份验证和JavaScript单点登录(SSO)
- 防止在验证期间直接暴露用户的密码
- 只有Joget Workflow内部目录管理器支持此哈希密码方法。
- Used in JSON API authentication and JavaScript Single Sign ON (SSO)
- Prevents a user's password from being directly exposed during authentication
- This Hashed Password method is only supported by Joget Workflow Internal Directory Manager.
| Note |
|---|
Please note that LDAP Directory Manager & Security Enhanced Directory Manager does not support Hashed Password in JSON API authentication.请注意,LDAP目录管理器和安全增强目录管理器不支持JSON API身份验证中的哈希密码。 |
Formula
| Code Block |
|---|
md5(username + “::” + md5Base16(password)); |
E.g.: Assuming that the username is “admin” and the password is “admin”, the resulting hash should be “14ACD782DCFEB2BCDE2B271CCD559477”.
...
例如:假设用户名是“admin”,密码是“admin”,则得到的HASH值应该是“ 14ACD782DCFEB2BCDE2B271CCD559477 ”。
示例代码(Java)
| Code Block |
|---|
public static String md5(String content) {
try {
MessageDigest m = MessageDigest.getInstance("MD5");
byte[] data = content.getBytes();
m.update(data, 0, data.length);
BigInteger i = new BigInteger(1, m.digest());
return String.format("%1$032X", i);
} catch (Exception ex) {}
return "";
}
public static String md5Base16(String content) {
try {
MessageDigest md = MessageDigest.getInstance("MD5");
byte[] bytes = md.digest(content.getBytes());
StringBuffer sb = new StringBuffer();
for (int i = 0; i < bytes.length; i++) {
byte b = bytes[i];
String hex = Integer.toHexString((int) 0x00FF & b);
if (hex.length() == 1) {
sb.append("0");
}
sb.append(hex);
}
return sb.toString();
} catch (Exception e) {}
return "";
}
|