Description
- Used in JSON API authentication and JavaScript Single Sign ON (SSO)
- Prevents a user's password from being directly exposed during authentication
- This Hashed Password method is only supported by Joget Workflow Internal Directory Manager.
Please note that LDAP Directory Manager & Security Enhanced Directory Manager does not support Hashed Password in JSON API authentication.
Formula
md5(username + “::” + md5Base16(password));
E.g.: Assuming that the username is “admin” and the password is “admin”, the resulting hash should be “14ACD782DCFEB2BCDE2B271CCD559477”.
Sample Code (Java)
public static String md5(String content) {
try {
MessageDigest m = MessageDigest.getInstance("MD5");
byte[] data = content.getBytes();
m.update(data, 0, data.length);
BigInteger i = new BigInteger(1, m.digest());
return String.format("%1$032X", i);
} catch (Exception ex) {}
return "";
}
public static String md5Base16(String content) {
try {
MessageDigest md = MessageDigest.getInstance("MD5");
byte[] bytes = md.digest(content.getBytes());
StringBuffer sb = new StringBuffer();
for (int i = 0; i < bytes.length; i++) {
byte b = bytes[i];
String hex = Integer.toHexString((int) 0x00FF & b);
if (hex.length() == 1) {
sb.append("0");
}
sb.append(hex);
}
return sb.toString();
} catch (Exception e) {}
return "";
}