I am using java message digest to create MD5 hash, which is used for authentication. The MD5 hash is stored in the database as varchar2. I did a test to create a user on my tomcat server on my local laptop. When I deployed the war to the test tomcat server on linux redhat, the authentication failed due to hash unmatched. I checked the user name and password: they are all correct. Both web server points to the same database.
I suspect the hash generated on my local laptop is different from the one generated by the test server. Am I right?
Below is the code with which I generated the hash.
public static String getMD5Hash(String str) throws Exception
{
MessageDigest md = MessageDigest.getInstance("MD5");
md.update(str.getBytes());
return new String(md.digest());
}
The String returned will be saved in the database table, which is defined below
create table authen(
passport varchar2(50),
constraint pk_au primary key (passport) USING INDEX TABLESPACE xxxxxxx
);
Here is the java version output on my laptop
C:\Users\XXXX>java -version
java version "1.6.0_25"
Java(TM) SE Runtime Environment (build 1.6.0_25-b06)
Java HotSpot(TM) Client VM (build 20.0-b11, mixed mode, sharing)
Here is the java version output on the redhat server
[xxxxxx@xxxxxxxxx ~]$ java -version
java version "1.6.0_20"
Java(TM) SE Runtime Environment (build 1.6.0_20-b02)
Java HotSpot(TM) Client VM (build 16.3-b01, mixed mode, sharing)
Its possible that you are using the default character set to generate the bytes you are passing into the MD5.digest()
method and that character set is different between your laptop and server.
That could be a reason why you are seeing different results. Otherwise, its not possible for it to generate different results.
For example --
byte[] bytesOfMessage = tempStr.getBytes("UTF-8"); // Maybe you're not using a charset here
MessageDigest md5 = MessageDigest.getInstance("MD5");
byte[] theDigest = md5.digest(bytesOfMessage);