]
Brian Stansberry updated WFLY-11073:
------------------------------------
Fix Version/s: 16.0.0.CR1
(was: 16.0.0.Beta1)
Support hex encoding in jdbc-realm for elytron
----------------------------------------------
Key: WFLY-11073
URL:
https://issues.jboss.org/browse/WFLY-11073
Project: WildFly
Issue Type: Feature Request
Components: Documentation, Security
Reporter: Jan Kalina
Assignee: Darran Lofthouse
Priority: Major
Labels: elytron
Fix For: 16.0.0.CR1
Old database login-module can be configured passing the attribute {{hashEncoding}}, for
example:
{code:xml}
<login-module code="Database" flag="required">
<module-option name="dsJndiName"
value="java:jboss/datasources/ExampleDS"/>
<module-option name="principalsQuery" value="SELECT password FROM
User WHERE username = ?"/>
<module-option name="rolesQuery" value="SELECT role,
'Roles' FROM User WHERE username = ?"/>
<module-option name="hashAlgorithm" value="SHA-1"/>
<module-option name="hashEncoding" value="hex"/>
<module-option name="hashCharset" value="UTF-8"/>
</login-module>
{code}
Currently jdbc-realm in elytron only uses base64 encoding if hash is stored in a text
column. This way the migration is more complicated cos the password hash is not valid
changing from old security system to elytron.
Think also about the charset attribute.