SSHA salt in password-encoder

Hi,
I'm trying to authenticate users against an LDAP where the userPassword attributes are SSHA - encoded . I am not using bind authentication because permissions to do so do not exist on LDAP.

This is the configuration...
<ldap-authentication-provider
user-dn-pattern="uid={0},ou=People,ou=UserStore" group-search-base="ou=AdminGroups,ou=UserStore"
role-prefix="none">
<password-compare hash="{ssha}" password-attribute="userPassword"/>
</ldap-authentication-provider>

However this fails to instantiate the beans unless a password encoder is provided...

<password-encoder hash="{ssha}"><salt-source /></password-encoder>
The problem is that Sun Directory Server uses an algorithm for SSHA that effectively randomizes the salt. Since I have no way of knowing the salt value, is there any way I can override this?

Any help appreciated.

Thx

If you're using SSHA then a compare operation won't work - as you say, it isn't possible to know the salt value unless you can read the hash. So you can't calculate a hash from the password that matches the one in the directory.