Implementing MobiLink to ASA 'Single sign on'
I try to implement a custom user authentication and verify user
passwords against the ASA 9 user database which in my case is the
consolidated database.
I learned that the hash algorithms of Mobilink and ASA seem to be
different. At least the sizes of the binary fields are already different,
which usually ends up in different hashes even if the same algorithm is
used. ASA defines the password field as binary(36) while Mobilink
defines binary(20).
Any idea how I can verify a user password submitted in a Mobilink
synchronisation with an ASA password (stored in sysuserperm)?? I think
this must somehow be possible but I could not find a 'sql based' login
from within a stored procedure.
Many thanks for your help.
Tom
| |
| David Fishburn 2005-07-13, 8:25 pm |
Tom <tom@nospam.org> wrote in news:42d52222$1@forums-2-dub
of sybase.public.sqlanywhere.mobilink:
T> I learned, that the hash algorithm of Mobilink and ASA seem to be
T> different. At least the size of the binary fields are already different
T> which usually ends up in different hashes even if the same algorithm is
T> used. ASA defines the password field as binary(36) while Mobilink
T> defines binary(20).
You are correct, they are hashed differently. I cannot remember the
reason, but there was one.
T> Any idea how I can verify a user password submitted in a mobilink
T> Synchronisation with a ASA password (stored in sysuserperm)?? I think
T> this must somehow be possible but I could not find a 'sql based' login
T> from within a stored procedure.
About the only thing I can think of is to use the authenticate_user
event and attempt a second connection (using the Java or .Net sync
scripts) to see if the login was successful or not.
Hopefully you get their unhashed/unencrypted password that way. If not,
you could pass it using the authentication_parameters event.
--
David Fishburn
Certified ASA Developer Version 8
iAnywhere Solutions - Sybase
Professional Services
Please only post to the newsgroup
Please ALWAYS include version and MORE importantly BUILD number with
EACH post (dbeng9 -v).
EBFs and Maintenance Releases
http://downloads.sybase.com/swx/sdmain.stm
Developer Community / Whitepapers
http://www.ianywhere.com/developer
CaseXpress - to report bugs
http://casexpress.sybase.com
CodeXchange - Free samples
http://ianywhere.codexchange.sybase.com/servlets/ProjectDocumentList
| |
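The second-connection check suggested in the reply above, sketched as an added example (not code from this thread or from iAnywhere). Assumptions: the class and method names, the `CONSOLIDATED_URL` value, a JDBC driver for the consolidated database on the MobiLink Java VM class path, and the status codes 1000 (accepted) and 4000 (rejected) as documented for the authenticate_user event.

```java
import ianywhere.ml.script.InOutInteger;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
import java.util.Properties;

public class AsaLoginCheck {
    // Assumption: JDBC URL of the consolidated ASA database (placeholder value).
    private static final String CONSOLIDATED_URL = "jdbc:sybase:Tds:localhost:2638";

    // authenticate_user status codes (assumed from the MobiLink documentation).
    private static final int AUTH_OK = 1000;
    private static final int AUTH_FAILED = 4000;

    // Hypothetical handler, to be registered as the authenticate_user script.
    public void authenticateUser(InOutInteger authStatus, String user,
                                 String password, String newPassword) {
        authStatus.setValue(canLogIn(user, password) ? AUTH_OK : AUTH_FAILED);
    }

    // Returns true only if the database itself accepts the credentials.
    static boolean canLogIn(String user, String password) {
        // Reject blank credentials before touching the database.
        if (user == null || user.isEmpty() || password == null || password.isEmpty()) {
            return false;
        }
        // Pass credentials as properties, not in the URL, so they cannot
        // end up in a logged connection string.
        Properties props = new Properties();
        props.setProperty("user", user);
        props.setProperty("password", password);
        // Bound the wait so a stalled login cannot hang the synchronization.
        // Note: this timeout is global to DriverManager in this JVM.
        DriverManager.setLoginTimeout(5);
        try (Connection probe = DriverManager.getConnection(CONSOLIDATED_URL, props)) {
            return true; // login accepted; try-with-resources closes the probe
        } catch (SQLException e) {
            // Fail closed: any connection error counts as a rejected login.
            // Log only the SQLState if needed, never the password.
            return false;
        }
    }
}
```

Because the clear-text password reaches the script, the synchronization stream carrying it should be encrypted, and the probe account needs no privileges beyond connecting.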
| Greg Fenton 2005-07-13, 8:25 pm |
David Fishburn wrote:
>
> You are correct, they are hashed differently. I cannot remember the
> reason, but there was one.
>
Support for multiple RDBMSs maybe? Just a guess.
greg.fenton
--
Greg Fenton
Consultant, Solution Services, iAnywhere Solutions
--------
Visit the iAnywhere Solutions Developer Community
Whitepapers, TechDocs, Downloads
http://www.ianywhere.com/developer/
| |
David,
Thanks a lot for the feedback. I think it is not a very elegant thing to
open a new connection using Java or .NET to verify a logon on the same
database. This is more a 'workaround solution'. It makes sense if your
consolidated DB is on a different RDBMS, but not if everything is on ASA.
Maybe you could put this on a wishlist for a next release: A simple
logon check of existing database users accessible from a stored procedure.
Cheers
Tom