[jboss-user] [Security & JAAS/JBoss] - Login encryption not working
ewade
do-not-reply at jboss.com
Wed Dec 6 15:20:44 EST 2006
I have MD5 encrypted passwords in my database. I would like the login module to encrypt the plain text password before comparing to the database password. I have the following application policy set up in the login-config.xml file:
<application-policy name = "HsqlDbRealm">
<login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule" flag = "required">
<module-option name = "principal">sa</module-option>
<module-option name = "userName">sa</module-option>
<module-option name = "password"></module-option>
<module-option name="hashAlgorithm">MD5</module-option>
<module-option name ="hashEncoding">base64</module-option>
<module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=DefaultDS</module-option>
</login-module>
</application-policy>
But its not working. My login page is treating the password as plain text and not encoding it before comparison. What am I missing here?
(I am using JBoss 4.0.4 with Hibernate and Postgress 8.1.4.)
Thanks for the help!
Elise Wade
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3991771#3991771
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3991771
More information about the jboss-user
mailing list