JDBC Authentication with PBKDF2 base64 encoded fails

22 views

Skip to first unread message

Abre Chase

unread,

May 24, 2019, 5:21:46 PM5/24/19

to CAS Community

I'm attempting to authenticate against a JDBC data source that encodes the passwords with PBKDF2.

The CAS passwordEncoder settings are:

cas.authn.jdbc.query[0].passwordEncoder.type=PBKDF2

cas.authn.jdbc.query[0].passwordEncoder.encodingAlgorithm=PBKDF2WithHmacSHA1/160/128000

cas.authn.jdbc.query[0].passwordEncoder.characterEncoding=UTF-8

When I attempt to authenticate with CAS, the error in the log file is:

[1;31m2019-05-24 16:45:00,835 ERROR [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <[pyvotJdbcHandler]: [Detected a Non-hex character at 5 or 6 position]> [m

The password in the database is encoded in base64 and not hex as the code is probably expecting.

I've been looking for a property which will convert the password from base64 to hex, but I'm not finding anything. Is this possible via configuration?

Thanks,

Abre

Reply all

Reply to author

Forward

0 new messages