USERS-Password

Support - Assistance technique
1

Hi all,
I have 500 users that I try to create in the database. I prefer to ca directly in the backend. I created a Java class to tackle the PostgreSQL database. For the password I took the encrypted password district “48e8f1207baef1ef7fe478a57d19f2e5” but when I try to connect with the front-end, it does not work! What is the algorithm used to encrypt the password? Or who can give me a trick to bypass the password?

···


Riddy NDOMA
Software Developer
Skype: riddyndoma, G+: riddyndoma, FB: riddy ndoma
Twitter: riddyndoma, LinkedIn: riddy ndoma

Blog: http://riddyndoma.blogspot.com/

Vous servir est mon désire (Serving you is my desire)

2

Hi Riddy,

The password uses the username as a salt for the password so even if two users have the same password the encrypted password will not be the same

org.hisp.dhis.security.spring.SpringSecurityPasswordManager is the class that contains the algorithm.

I don’t think that users can be created via the Web API yet, some correct me if that isn’t true.

I suggest you use the dhis-adhoc tool to create users, there isn’t much documentation on it that I know of, but there is a working example here

If you look at the changes here https://code.launchpad.net/~dhis2-devs-core/dhis2/pii-encrypt (note the encryption here isn’t related to password encryption so look at it as more of a template)

You’ll likely have to update the first section of the pom.xml to reflect what version of DHIS 2 you are using.

org.hisp.dhis

dhis-services

2.15-SNAPSHOT

Dan Cocos
BAO Systemswww.baosystems.com

T: +1 202-352-2671 | skype: dancocos

···

On Apr 23, 2014, at 7:49 AM, riddy ndoma riddyndoma@gmail.com wrote:

Hi all,
I have 500 users that I try to create in the database. I prefer to ca directly in the backend. I created a Java class to tackle the PostgreSQL database. For the password I took the encrypted password district “48e8f1207baef1ef7fe478a57d19f2e5” but when I try to connect with the front-end, it does not work! What is the algorithm used to encrypt the password? Or who can give me a trick to bypass the password?


Riddy NDOMA
Software Developer
Skype: riddyndoma, G+: riddyndoma, FB: riddy ndoma
Twitter: riddyndoma, LinkedIn: riddy ndoma

Blog: http://riddyndoma.blogspot.com/

Vous servir est mon désire (Serving you is my desire)

Mailing list: https://launchpad.net/~dhis2-devs
Post to : dhis2-devs@lists.launchpad.net
Unsubscribe : https://launchpad.net/~dhis2-devs
More help : https://help.launchpad.net/ListHelp

3

This has been discussed several times on this list including most recently here, so check the archives as well.

https://lists.launchpad.net/dhis2-devs/msg28635.html

Regards,

Jason

···

On Wed, Apr 23, 2014 at 7:40 PM, Dan Cocos dan@dancocos.com wrote:

Hi Riddy,

The password uses the username as a salt for the password so even if two users have the same password the encrypted password will not be the same

org.hisp.dhis.security.spring.SpringSecurityPasswordManager is the class that contains the algorithm.

I don’t think that users can be created via the Web API yet, some correct me if that isn’t true.

I suggest you use the dhis-adhoc tool to create users, there isn’t much documentation on it that I know of, but there is a working example here

If you look at the changes here https://code.launchpad.net/~dhis2-devs-core/dhis2/pii-encrypt (note the encryption here isn’t related to password encryption so look at it as more of a template)

You’ll likely have to update the first section of the pom.xml to reflect what version of DHIS 2 you are using.

org.hisp.dhis

dhis-services

2.15-SNAPSHOT

Dan Cocos
BAO Systemswww.baosystems.com

T: +1 202-352-2671 | skype: dancocos

On Apr 23, 2014, at 7:49 AM, riddy ndoma riddyndoma@gmail.com wrote:

Hi all,
I have 500 users that I try to create in the database. I prefer to ca directly in the backend. I created a Java class to tackle the PostgreSQL database. For the password I took the encrypted password district “48e8f1207baef1ef7fe478a57d19f2e5” but when I try to connect with the front-end, it does not work! What is the algorithm used to encrypt the password? Or who can give me a trick to bypass the password?


Riddy NDOMA
Software Developer
Skype: riddyndoma, G+: riddyndoma, FB: riddy ndoma
Twitter: riddyndoma, LinkedIn: riddy ndoma

Blog: http://riddyndoma.blogspot.com/

Vous servir est mon désire (Serving you is my desire)

Mailing list: https://launchpad.net/~dhis2-devs
Post to : dhis2-devs@lists.launchpad.net

Unsubscribe : https://launchpad.net/~dhis2-devs
More help : https://help.launchpad.net/ListHelp

Mailing list: https://launchpad.net/~dhis2-devs

Post to : dhis2-devs@lists.launchpad.net

Unsubscribe : https://launchpad.net/~dhis2-devs

More help : https://help.launchpad.net/ListHelp