Symantec IGA

  • 1.  Needed SSHA 512 code to hash passwords

    Posted Oct 31, 2020 02:22 PM
    Hi team, 

    Can anyone help me hash a plain password to SSHA 512 in CA IDM using Java code?
    I know CA IDM does SSHA 512 hashing.
    I am looking for Java code to hash a sample password text to SSHA 512 exactly like IDM does.
    Any inputs are welcome. Please give suggestions. Thanks in advance.



  • 2.  RE: Needed SSHA 512 code to hash passwords

    Broadcom Employee
    Posted Nov 01, 2020 08:48 AM
    I suspect you are referring to the password value you see for a user in the IM UserStore. The IM application is not what is doing the hashing. It is being done by the underlying CA/Symantec Directory application which is used as the UserStore.

    https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/directory/14-0/reference/supported-standards-and-protocols/hashing-formats/hashing-formats-for-dxserver-passwords.html


  • 3.  RE: Needed SSHA 512 code to hash passwords

    Posted Nov 01, 2020 01:22 PM
    Hi Kenneth,

    Thanks for the response.
    Our case is that we are looking to compare the user's password hash, while changing the password, with hashed dictionary keywords. The problem is that the hashes generated by IDM and by me are completely different.

    I know there is no way to read the plain password from IDM.

    I have written BLTH logic to read the user password attribute while the user is changing the password using my password in IDM. I am getting the hashed password in '{ssha 512} <hashed password >' format when reading.

    In this case the password has just been entered in the IDM UI and is not yet stored in the directory. Using BLTH I am reading the password value at runtime. By default it would be encrypted. I would have got encrypted password data, but I am receiving hashed password data.

    Please correct me if I am wrong about the above.

    I am looking for the SSHA 512 mechanism so that I can generate dictionaries using the same mechanism. If it is not available on the IDM server, as per your suggestion I may get it in the directory. Please give me a few inputs.




  • 4.  RE: Needed SSHA 512 code to hash passwords
    Best Answer

    Broadcom Employee
    Posted Nov 02, 2020 08:44 AM
    I know that with a PX Policy of type=UI you can get the %PASSWORD% in clear-text if triggered during Validate On Submit, but that it will not be clear-text if you trigger the PX Policy on Submission. So maybe try the handleValidationBeforeSubmission() or the handleValidation() in your BLTH instead of handleSubmission() to see if that will get you the new password in clear-text as well.


  • 5.  RE: Needed SSHA 512 code to hash passwords

    Posted Nov 02, 2020 12:38 PM
    Thanks for the help... I will try out your suggestions. I appreciate your quick responses.
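
Added example, not part of the original thread and not Broadcom's code: it shows why two salted SHA-512 hashes of the same password differ as strings (the mismatch described in post 3) and how a dictionary check has to re-hash each word with the salt carried inside the stored value. It assumes the common LDAP-style layout `{SSHA512}` + Base64(SHA-512(password || salt) || salt), UTF-8 passwords and an 8-byte salt; the class name and sample passwords are constructed, so confirm the layout against the Directory hashing-formats page linked in post 2.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Base64;

public class Ssha512Example {                      // hypothetical class name
    private static final int DIGEST_LEN = 64;      // SHA-512 output size in bytes

    private static byte[] digest(String password, byte[] salt) throws Exception {
        MessageDigest md = MessageDigest.getInstance("SHA-512");
        md.update(password.getBytes(StandardCharsets.UTF_8)); // assumed encoding
        md.update(salt);
        return md.digest();
    }

    // Assumed layout: "{SSHA512}" + Base64(SHA-512(password || salt) || salt)
    static String hash(String password, byte[] salt) throws Exception {
        byte[] out = Arrays.copyOf(digest(password, salt), DIGEST_LEN + salt.length);
        System.arraycopy(salt, 0, out, DIGEST_LEN, salt.length);
        return "{SSHA512}" + Base64.getEncoder().encodeToString(out);
    }

    // Re-hash the candidate with the salt embedded in the stored value.
    static boolean matches(String candidate, String stored) throws Exception {
        int close = stored.indexOf('}');
        if (!stored.startsWith("{") || close < 0) return false;
        byte[] raw;
        try {
            raw = Base64.getDecoder().decode(stored.substring(close + 1).trim());
        } catch (IllegalArgumentException e) {
            return false;                           // payload is not Base64
        }
        if (raw.length <= DIGEST_LEN) return false; // no salt appended
        byte[] salt = Arrays.copyOfRange(raw, DIGEST_LEN, raw.length);
        // Constant-time comparison of the two digests
        return MessageDigest.isEqual(digest(candidate, salt), Arrays.copyOf(raw, DIGEST_LEN));
    }

    public static void main(String[] args) throws Exception {
        SecureRandom rng = new SecureRandom();
        byte[] saltA = new byte[8], saltB = new byte[8];
        rng.nextBytes(saltA);
        rng.nextBytes(saltB);
        String stored = hash("Winter2020!", saltA);            // constructed sample
        System.out.println("same password, new salt, equal strings: "
                + stored.equals(hash("Winter2020!", saltB)));
        System.out.println("dictionary word matches: " + matches("Winter2020!", stored));
        System.out.println("other word matches: " + matches("Summer2020!", stored));
    }
}
```

Because the salt is random per password, a dictionary hashed in advance cannot be compared by string equality; each word has to go through `matches` against the specific stored value.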