Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
889
Views
0
Helpful
1
Replies

stored md5 password verify with ISE mysql integration?

murat001
Level 4
Level 4

‎10-02-2017 11:04 PM - edited ‎02-21-2020 10:35 AM

hi

how can i verify stored md5 hash password on mysql with ISE ODBC store procedure. no problem with stored cleartext passwd

 

example ;

mysql> select * from users;
+---------+----------+----------------------------------+
| user_id | username | password                                                    |
+---------+----------+----------------------------------+
|       1 | murat          | password                                                     |
|       4 | test1           | 2ac9cb7dc02b3c0083eb70898e549b63     |
+---------+----------+----------------------------------+

store procedure with cleartext ;  ( murat user is  working at auth.)

DELIMITER //
CREATE DEFINER=`root`@`localhost` PROCEDURE `ISEAuthUserPlainReturnsRecordset`(username varchar(64), password varchar(255))
begin
IF EXISTS (select * from users where users.username = username and users.password = password.) THEN
select 0,11,'This is a very good user, give him all access','no error';
ELSE
select 3, 0, 'odbc','ODBC Authen Error';
END IF;
end //

store procedure with md5 ; (test1 user not working)

DELIMITER //
CREATE DEFINER=`root`@`localhost` PROCEDURE `ISEAuthUserPlainReturnsRecordset`(username varchar(64), password varchar(255))
begin
IF EXISTS (select * from users where users.username = username and users.password = md5(password)) THEN
select 0,11,'This is a very good user, give him all access','no error';
ELSE
select 3, 0, 'odbc','ODBC Authen Error';
END IF;
end //

 

 

Labels:
0 Helpful
1 Reply 1

murat001
Level 4
Level 4

‎10-03-2017 01:04 PM

hello again
second store procedure worked when i write md5 upper case and basic authentication (PAP) provided.
But i need the PEAP(mschapv1/2) Auth, thats why i need change the following store procedure "ISEFetchPasswordReturnsRecordset".
how can i make a change this the query for hashed password verification.?
do you have any experience?
Thanks...

DELIMITER //
CREATE DEFINER=`root`@`localhost` PROCEDURE `ISEFetchPasswordReturnsRecordset`(username varchar(64))
begin
IF EXISTS (select * from users where users.username = username ) THEN
select 0,11,'This is a very good user, give him all access','no error', password from users where users.username = username;
ELSE
select 3, 0, 'odbc','ODBC Authen Error';
END IF;
end //
0 Helpful
Customers Also Viewed These Support Documents