Verify LDAP user password with SSHA-512 hash method

I am using OpenLDAP to store user information. User entry is an inetOrgPerson object. I use Apache Directory Studio to add userPassword with SSHA-512 hash method.

How can I verify input user password with the password stored in LDAP in my Java application?

Solution

I found my answer: http://gurolerdogan.blogspot.com/2010/03/ssha-encryption-with-java.html

SSHA ssha = new SSHA("SHA-512");
String sshaStr = ssha.createDigest("randomString", "mypwd");
//{SSHA}5QxZCiM/zcn0/upHX2uw6ICbgE+PLa9sJz/UpfMAMe1isyxuv+NeW4k4GjRDoTQHnB5QjCKCydJJjUQnT3DEEXJhbmRvbVN0cmluZw==
return sshaStr;

Replace {SSHA} with {SSHA-512} you will have a SSHA-512 password to store in OpenLDAP. It's useful when you create new user or update user password.

You can improve the source code, for example replace sun.misc.BASE64Encoder with org.apache.commons.codec.binary.Base64.

How to make an existing structural objectClass auxiliary?
How do I restrict Apache/SVN access to specific users (LDAP/file-based authentication)?
LDAP- adding new attribute schema using ldapmodify
Cannot retrive objectName from searchEntry when I update ldapjs to v3
Why am I getting 'System.__ComObject' from my LDAP property?
C# Cannot connect to AD using LDAPS
ldap_mod_replace returns true but password does not change
Jenkins administratively disabled user in LDAP causing false negatives
Is context need to be closed explicity in LDAP connection pooling
Authentication fails after enabling RequireGroup in openvpn-auth-ldap.so
Python 3.5, ldap3 and modify_password()
Reset Active Directory password using Python and ldap3
memberof and refint does not work in openLdap
Retrieving User Information from LDAP Active Directory Server with Node.js using ldapjs package
How do a LDAP search/authenticate against this LDAP in Java
Enumerate all users including SIDs
Web-based LDAP Browser
kinit: Preauthentication failed while getting initial credentials
C# OpenLDAP Error: unicodePwd: attribute type undefined
Why do POST requests not work using Spnego/Kerberos authentication with Spring Security Kerberos?
python-ldap creating a group returns "already exists" (in an empty OU and non existent sAMAccountName)
NiFi 1.25 error when trying to connect to LDAP service: ClassCastException: LdapProvider
Move Object to an OU in Active Directory
What does samAccountType in groups of Active Directory mean?
php - ldap_search(): search: operations error
Combining LDAP Queries is not giving proper results
Getting groups from LDAP to django
How we can directly use kerberos ldap service ticket to authenticate with ldap and form the LDAP context
Rmiregistry vs LDAP
I can't install python-ldap