Question re inserting hashed strings (I think)

From: William Wagman <wjwagman_at_ucdavis.edu>
Date: Fri, 24 Apr 2009 11:48:50 -0700
Message-ID: <2A8185DC02A8CE4C8413E0A26A8A831A0327369925_at_XEDAMAIL2.ex.ad3.ucdavis.edu>

Greetings,

I'm running Oracle 9.2.0.8.0 (vendor restriction) Enterprise Edition on RHEL4 all 64-bit. I have created a process which allows me to automate a refresh of our developer sandboxes from the production database using RMAN but there is one last piece I am stuck on. The application itself has a table which is used for authentication and it contains a password field and I believe the password is hashed by the application -

SQL> desc tenants

 Name                                      Null?    Type
 ----------------------------------------- -------- ----------------------------
 ID                                        NOT NULL NUMBER(11)
 ACCT_NO                                            NUMBER(11)
 ABBR                                               VARCHAR2(4)
 DESCR                                              VARCHAR2(50)
 USERNAME                                           VARCHAR2(15)
 PASSWORD                                           VARCHAR2(15)
 URL                                                VARCHAR2(100)
 TIMESTAMP                                          DATE

I can select * from tenants and see the following -

SQL> select * from tenants;

ID ACCT_NO ABBR DESCR

---------- ---------- ---- --------------------------------------------------
USERNAME        PASSWORD

--------------- ---------------
URL

TIMESTAMP

       261          0 T1   T1
axispkg         some-weird-string

27-APR-1999 Now in the developers sandboxes I want to update the password field in this table with a development password. I can do this through the application but in order to fully automate the process I want to do it using SQLPLUS so I try something like this -

SQL> update axis.tenants set password = 'some-weird-string'; SQL> commit;

The update is accepted but it is apparently not the correct string as users are unable to connect and I must then go in through the application and update the password. I don't know how the application hashes the password.

Can I do this and if so how, what am I missing? I realize this may not be good practice but if someone can point me in the right direction, or tell me I can't do it, I would appreciate it.

Thanks.

Bill Wagman
Univ. of California at Davis
IET Campus Data Center
wjwagman_at_ucdavis.edu
(530) 754-6208

--
http://www.freelists.org/webpage/oracle-l

Received on Fri Apr 24 2009 - 13:48:50 CDT

This message: [ Message body ]
Next message: Wolfgang Breitling: "RE: silly dbms_stats question"
Previous message: John Hallas: "RE: Problem flushing shared pool on 11.1.0.7 HP-UX Itanium"
Next in thread: Jared Still: "Re: Question re inserting hashed strings (I think)"
Reply: Jared Still: "Re: Question re inserting hashed strings (I think)"
Maybe reply: Bobak, Mark: "RE: Question re inserting hashed strings (I think)"
Maybe reply: Jared Still: "Re: Question re inserting hashed strings (I think)"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message