Scripting with manual database user source

I have an application where I’m trying to use an existing database as my user source. It’s working to poll users and roles, but I’m struggling with passwords. Because we use these same hashed passwords in many different systems, passwords are hashed using an internal service and then stored in the database. When another application attempts to log in, it uses the same service to hash the user input and then compares the result to what’s stored in the database.

Any thoughts? Is there any way to replicate that process? Or am I going to have to stand up a SAML/OpenID IdP separately and use that to log in?

I don’t see how this can work unless your database has the ability to let you create custom SQL functions that you could use to query the internal service and calculate a hash as part of the authentication query… or something like that.

Thanks, that’s kind of what I was thinking, but wanted a second opinion.