<div>I apologize if this message appears in duplicate. The original was posted before the I received notice that an
additionalconfirmation message would be needed to get onto the list.</div><div> </div><div>I recently migrated an
applicationfrom Oracle to Postgresql 7.1. The<br />migration was fairly painless with one exception:<br /><br />User's
passwordsare hashed using SHA, then stored in the database. Ie.<br /> // Get the hash of the password<br />
MessageDigestmd=null;<br /> try {<br /> md = MessageDigest.getInstance("sha");<br /> }<br /> catch
(NoSuchAlgorithmExceptione) {<br /> System.out.println("Error: sha encryption unavailable.");<br /> }<br />
StringhashedPass = new<br />String(md.digest(request.getParameter("pass").getBytes()));<br /><br />This string contains
severalcharacters that are outside the normal ASCII<br />range. The string could be stored and retrieved using Oracle
andMySQL, but<br />in Postgres any unusual characters become '?'. This corrupts the hash and<br />prevents users from
loggingon.<br /><br />So far, the following have been tried:<br />- Password stored using PreparedStatement setString()
call.Retrieved using<br />ResultSet.getString(). Verified hash corruption in the database.<br />- Password field
datatypechanged from varchar to bytea. Oddly enough,<br />PreparedStatement.setBytes() can not be used against this
datatype.Resorted<br />to using .setString(). Hash was still corrupted at the database level.<br /><br />Any insight
intohow to accomplish this task would be greatly appreciated.<br /><br />Jerry<br /></div><br clear="all" /><hr />Get
YourPrivate, Free E-mail from MSN Hotmail at <a href="http://www.hotmail.com">http://www.hotmail.com</a>.<br />
