Question

How can I compare a hashed String

0

Hello Team, Could you please advise me how can I access to the system.user/password data? The Idea is to create an object "Supervisor", that has atributes Name and Password, Then using xpath i need compare them with system.user info. But it`s not possible, as the password is hashed string.

asked 2019-01-08

Vsevolod Kosminskyi

3 answers

Vsevolod Kosminskyi · Answer 1 · 2019-01-08

Thank you, I`ve solved an issue using java action verifyPassword

Kilian Croese · Answer 2 · 2019-01-08

When you have a User object, or a specialization of it, you could check the password using the following java action:

authenticate(IContext context, IUser user, java.lang.String password)

Authenticate the given user with the given password.

https://apidocs.mendix.com/7/runtime/com/mendix/core/ICore.html#authenticate-com.mendix.systemwideinterfaces.core.IContext-com.mendix.systemwideinterfaces.core.IUser-java.lang.String-

So if you have a user object and a password, you can check if the match.

𝕺𝖈𝖐𝖊𝖗𝖙 𝖛𝖆𝖓 𝕾𝖈𝖍𝖆𝖑𝖐𝖜𝖞𝖐 · Answer 3 · 2019-01-08

//nashorn prototype
var usr=com.mendix.core.Core.retrieveXPathQuery(
    root.getContext(),
    "//Administration.Account[Name='RNixon']"
)[0];
console.log(
    arr[0].getMember(root.getContext(),"Password")
    .verifyValue(root.getContext(), 'foobydoo')
); // false
console.log(
    arr[0].getMember(root.getContext(),"Password")
    .verifyValue(root.getContext(), 'topsecret')
); // true