0 
public Login authenticate(Login login) { String query = "SELECT L FROM Login AS L WHERE L.email=? AND L.password=?"; Object[] parameters = { login.getEmail(), login.getPassword() }; List<Login> resultsList = (getHibernateTemplate().find(query,parameters)); if (resultsList.isEmpty()) { //error dude } else if (resultsList.size() > 1) { //throw expections } else { Login login1 = (Login) resultsList.get(0); return login1; } return null; }

I have my DB tables password col set as MD5, now how to retrieve it back here.

Improve this question

2 Answers 2

Reset to default
2

You'll have to hash the password and pass the hash as a parameter. Some thing like:

String hash = hash(login.getPassword()); Object[] parameters = { login.getEmail(), hash };

For how to implement the hash(..) method, see this question. However, avoid MD5. Use SHA instead.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Can u covert my method and show it using SHA as i am not able to figure out from the post. which class does contain hash method
NO such algorithim i get when i try MessageDigest md = MessageDigest.getInstance("SHA-256");
Works fine here. Your environment is somehow wrong. Or you mistyped it.
You might want to consider salting it too. What version of Java are you using? If your version is old (1.4 or earlier) or you're not using Sun's JRE it might not support SHA-256 and you might need an external security provider, such as Bouncy Castle. OWASP has a run down of java credential checking and storage here; owasp.org/index.php/Hashing_Java
1

I beleive you would want to convert your L.password to md5 before calling the authenticate.

See this useful link

import java.security.*; .. byte[] bytesOfMessage = yourString.getBytes("UTF-8"); MessageDigest md = MessageDigest.getInstance("MD5"); byte[] thedigest = md.digest(bytesOfMessage);
Improve this answer

2 Comments

Can u covert my method and show it using SHA as i am not able to figure out from the post. which class does contain hash method
@theJava: Bozho has a good link in his answer comment. Try using stackoverflow.com/questions/3103652/… answer.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.