Hello everybody
I have a question regarding the MD5 Authentication in JBoss 5.1 GA.
I used the normal authentication without MD5 hashes so far, but now I have to migrate an
old version to a new version and the passwords are stored as MD5 strings in the database.
So all I did was change the login-config.xml and add the following lines:
<module-option name="hashAlgorithm">MD5</module-option>
<module-option name="hashEncoding">base64</module-option>
The other part of my login-config.xml looks like this. I have tested the queries, and the
rolename and the password (as hash) are returned:
<module-option name="principalsQuery">SELECT password FROM users WHERE username=? AND active=1</module-option>
<module-option name="rolesQuery">SELECT USERROLE.rolename, 'Roles' FROM USERS INNER JOIN (USERROLE INNER JOIN MAPUSERUSERROLE ON USERROLE.roleid = MAPUSERUSERROLE.roleid) ON USERS.userid = MAPUSERUSERROLE.userid where USERS.username=?</module-option>
Unfortunately, the login always fails and I have no idea why. I guess the MD5
hash which JBoss generates is not equal to the one in the database. In the jboss-log4j.xml I
enabled tracing for org.jboss.security, and that's all I get from the server.log
file:
2009-11-02 11:25:14,314 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-127.0.0.1-8084-1) initialize
2009-11-02 11:25:14,314 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-127.0.0.1-8084-1) Security domain: SSIS2-domain
2009-11-02 11:25:14,314 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-127.0.0.1-8084-1) Password hashing activated: algorithm = MD5, encoding = base64, charset = {default}, callback = null, storeCallback = null
2009-11-02 11:25:14,315 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-127.0.0.1-8084-1) DatabaseServerLoginModule, dsJndiName=java:SSIS2DSprod
2009-11-02 11:25:14,315 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-127.0.0.1-8084-1) principalsQuery=SELECT password FROM users WHERE username=? AND active=1
2009-11-02 11:25:14,315 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-127.0.0.1-8084-1) rolesQuery=SELECT USERROLE.rolename, 'Roles' FROM USERS INNER JOIN (USERROLE INNER JOIN MAPUSERUSERROLE ON USERROLE.roleid = MAPUSERUSERROLE.roleid) ON USERS.userid = MAPUSERUSERROLE.userid where USERS.username=?
2009-11-02 11:25:14,315 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-127.0.0.1-8084-1) suspendResume=true
2009-11-02 11:25:14,319 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-127.0.0.1-8084-1) login
2009-11-02 11:25:14,326 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-127.0.0.1-8084-1) suspendAnyTransaction
2009-11-02 11:25:14,329 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-127.0.0.1-8084-1) Excuting query: SELECT password FROM users WHERE username=? AND active=1, with username: tlubrpa1
2009-11-02 11:25:15,116 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-127.0.0.1-8084-1) Obtained user password
2009-11-02 11:25:15,116 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-127.0.0.1-8084-1) resumeAnyTransaction
2009-11-02 11:25:15,116 DEBUG [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-127.0.0.1-8084-1) Bad password for username=tlubrpa1
2009-11-02 11:25:15,116 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-127.0.0.1-8084-1) abort
Does anyone have an idea how I can debug the MD5 hash JBoss generates? Or can I do
anything else to know why I can't log in?
Thanks a lot!
Patrick
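
An offline check for the question above, as an added example that is not part of the original post and not JBoss code: it computes the MD5 of a known test password as base64 and as hex under two charsets, then reports which form reproduces the value stored in the database. The function names, the charset list and the sample values are assumptions constructed for illustration.

```python
import base64
import hashlib

HEX_DIGITS = set("0123456789abcdefABCDEF")

def md5_candidates(password, charsets=("utf-8", "iso-8859-1")):
    """Digest strings a server could compare against, keyed by (encoding, charset)."""
    out = {}
    for cs in charsets:
        raw = hashlib.md5(password.encode(cs)).digest()
        out[("base64", cs)] = base64.b64encode(raw).decode("ascii")
        out[("hex", cs)] = raw.hex()
    return out

def guess_stored_format(stored):
    """Classify a stored MD5 string by shape: 32 hex chars or 24 base64 chars."""
    s = stored.strip()
    if len(s) == 32 and set(s) <= HEX_DIGITS:
        return "hex"
    if len(s) == 24 and s.endswith("=="):
        try:
            if len(base64.b64decode(s, validate=True)) == 16:
                return "base64"
        except ValueError:  # binascii.Error is a ValueError subclass
            pass
    return "unknown"

def diagnose(password, stored):
    """Report which (encoding, charset) pairs reproduce the stored value."""
    cands = md5_candidates(password)
    s = stored.strip()
    return {
        "stored_format": guess_stored_format(stored),
        "padded": s != stored,  # e.g. a fixed-width column padded with spaces
        "exact": sorted(k for k, v in cands.items() if v == s),
        # Hex digests that differ from the stored value only in letter case.
        "case_only": sorted(k for k, v in cands.items()
                            if k[0] == "hex" and v != s and v == s.lower()),
    }

if __name__ == "__main__":
    # Constructed sample: upper-case hex MD5 of the test password "secret",
    # with trailing spaces as a padded column would return it.
    stored = "5EBE2294ECD0E0F08EAB7690D2A6EE69  "
    print(diagnose("secret", stored))
```

An empty `exact` list for the encoding configured in login-config.xml means the stored value was produced with a different encoding, charset, letter case or padding than the one being compared.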