/** * The User ID and Strong Password Substitute mechanism (USRSSBPWD) * authenticates the user like the user ID and password mechanism, but * the password does not flow. A password substitute is generated instead * using the SHA-1 algorithm, and is sent to the application server. * * The application server generates a password substitute using the same * algorithm and compares it with the application requester's password * substitute. If equal, the user is authenticated. * * The SECTKN parameter is used to flow the client and server encryption * seeds on the ACCSEC and ACCSECRD commands. * * More information in DRDA, V3, Volume 3 standard - PWDSSB (page 650) */ private void flowUSRSSBPWDconnect(String password) throws SqlException { flowServerAttributes(); checkSecmgrForSecmecSupport(NetConfiguration.SECMEC_USRSSBPWD); // Generate a random client seed to send to the target server - in // response we will also get a generated seed from this last one. // Seeds are used on both sides to generate the password substitute. initializeClientSeed(); flowSeedExchange(NetConfiguration.SECMEC_USRSSBPWD, sourceSeed_); flowSecurityCheckAndAccessRdb(targetSecmec_, //securityMechanism user_, null, null, passwordSubstituteForUSRSSBPWD(password)); // PWD Substitute }
/** * The User ID and Strong Password Substitute mechanism (USRSSBPWD) * authenticates the user like the user ID and password mechanism, but * the password does not flow. A password substitute is generated instead * using the SHA-1 algorithm, and is sent to the application server. * * The application server generates a password substitute using the same * algorithm and compares it with the application requester's password * substitute. If equal, the user is authenticated. * * The SECTKN parameter is used to flow the client and server encryption * seeds on the ACCSEC and ACCSECRD commands. * * More information in DRDA, V3, Volume 3 standard - PWDSSB (page 650) */ private void flowUSRSSBPWDconnect(String password) throws SqlException { flowServerAttributes(); checkSecmgrForSecmecSupport(NetConfiguration.SECMEC_USRSSBPWD); // Generate a random client seed to send to the target server - in // response we will also get a generated seed from this last one. // Seeds are used on both sides to generate the password substitute. initializeClientSeed(); flowSeedExchange(NetConfiguration.SECMEC_USRSSBPWD, sourceSeed_); flowSecurityCheckAndAccessRdb(targetSecmec_, //securityMechanism user_, null, null, passwordSubstituteForUSRSSBPWD(password)); // PWD Substitute }
null, null, passwordSubstituteForUSRSSBPWD(getDeferredResetPassword()));
null, null, passwordSubstituteForUSRSSBPWD(getDeferredResetPassword()));