Stefan Eder created SECURITY-808: ------------------------------------ Summary: Password not passed into DatabaseServerLoginModule Key: SECURITY-808 URL: https://issues.jboss.org/browse/SECURITY-808 Project: PicketBox Issue Type: Bug Security Level: Public (Everyone can see) Environment: WildFly8 on Windows 7 64-bit Reporter: Stefan Eder Assignee: Stefan Guilhen Priority: Critical Trying to migrate an application to WildFly (from AS6.1) the migration went pretty smooth except for using the security domain. The application uses a the ClientLoginModule on the client side and the DatabaseserverLoginModule on the server side. Though the DatabaseServerLoginModule is called the validation of the password fails. I debugged it and the reason seems to be that in {{org.jboss.security.auth.callback.JBossCallbackHandler.getPassword()}} a {{org.jboss.as.security.remoting.RemotingConnectionCredential@22341334}} is not handled and hence instead of a password the String {{org.jboss.as.security.remoting.RemotingConnectionCredential@22341334}} is passed through to the DatabaseLoginModule. See also [DatabaseServerLoginModule broken?|https://community.jboss.org/message/863295] and the related posts -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira