DBAsupport.com Forums - Powered by vBulletin
Results 1 to 4 of 4

Thread: Login authentication against Database user?

  1. 04-19-2006, 07:08 AM #1
    vikascv
    vikascv is offline Junior Member
    Join Date
    Apr 2006
    Posts
    1

    Question Login authentication against Database user?

    Hi,

    I need to authenticate in my Java application based on Database users. Is there anyway to generate the HASH value of the Oracle password of the user logging in so as to compare it with the Password column of the DBA_USERS table?

    Kindly help.
    Thanks in advance
    Vikas
    Reply With Quote Reply With Quote
  2. 04-19-2006, 04:05 PM #2
    tamilselvan
    tamilselvan is offline Senior Advisor
    Join Date
    May 2000
    Location
    ATLANTA, GA, USA
    Posts
    3,135
    Quote Originally Posted by vikascv
    Hi,

    I need to authenticate in my Java application based on Database users. Is there anyway to generate the HASH value of the Oracle password of the user logging in so as to compare it with the Password column of the DBA_USERS table?

    Kindly help.
    Thanks in advance
    Vikas
    Yes, you can use it.

    Code:
     1  select dbms_utility.get_hash_value(password,1000000,9999999)
  2  from dba_users
  3* where username = 'TAMIL'
20:04:39 SQL> /

DBMS_UTILITY.GET_HASH_VALUE(PASSWORD,1000000,9999999)
-----------------------------------------------------
                                              7531882
    Tamil
    Reply With Quote Reply With Quote
  3. 04-19-2006, 05:14 PM #3
    jmodic
    jmodic is offline Super Moderator
    Join Date
    Dec 2000
    Location
    Ljubljana, Slovenia
    Posts
    4,439
    Quote Originally Posted by tamilselvan
    Yes, you can use it.

    Code:
     1  select dbms_utility.get_hash_value(password,1000000,9999999)
  2  from dba_users
  3* where username = 'TAMIL'
20:04:39 SQL> /

DBMS_UTILITY.GET_HASH_VALUE(PASSWORD,1000000,9999999)
-----------------------------------------------------
                                              7531882
    Tamil
    Here you are simply rehashing (with a different hash alghorythm) allready hashed password. This is not what the original poster wants - he wants to hash user-supplied plain text password and then compare that hash value with the hash stored in DBA_USERS.PASSWORD.

    Vikascv, I don't think there is any Oracle's built in package/procedure/function that implements the hashing alghorytm used for storing database passwords. But the alghorytm that Oracle uses for hashing passwords has allready been published and described on various internet oracle-related forums, so it should not be too hard to create that functionality in the language of your choice. Use google.....
    Jurij Modic
    ASCII a stupid question, get a stupid ANSI
    24 hours in a day .... 24 beer in a case .... coincidence?
    Reply With Quote Reply With Quote
  4. 04-20-2006, 10:26 AM #4
    tamilselvan
    tamilselvan is offline Senior Advisor
    Join Date
    May 2000
    Location
    ATLANTA, GA, USA
    Posts
    3,135
    Here you are simply rehashing (with a different hash alghorythm) allready hashed password. This is not what the original poster wants - he wants to hash user-supplied plain text password and then compare that hash value with the hash stored in DBA_USERS.PASSWORD
    Sorry, I misunderstood the question.

    Tamil
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules

Click Here to Expand Forum to Full Width