I did a bit more investigation on this and found the crux of the issue but I'm not
sure how to solve it. In the login configuration for the realm you are supposed to use a
UsernameTokenCallback object to update the digest based on the existence of a nonce or
created. However, on debugging, these values are always null. And the init function
sends a map with both keys (nonce and created) set to null. So the question is what other
configuration do I need to tell JBoss to pull out these header nodes and send to the
callback handler.
The specific login config is as follows:
| <application-policy name="MyRealm">
| <authentication>
| <login-module
code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
| flag="required">
| <!--
| <module-option
name="usersProperties">props/myrealm-users.properties</module-option>
| <module-option
name="rolesProperties">props/myrealm-roles.properties</module-option>
-->
| <module-option name =
"dsJndiName">java:/WSExampleDS</module-option>
| <module-option name = "principalsQuery">SELECT password FROM
users WHERE username=?</module-option>
| <module-option name = "rolesQuery">SELECT r.role,
'Roles' FROM roles r join users u on u.id = r.userid WHERE
u.username=?</module-option>
| <module-option name="hashAlgorithm">SHA</module-option>
| <module-option name="hashEncoding">BASE64</module-option>
| <module-option
name="hashUserPassword">false</module-option>
| <module-option
name="hashStorePassword">true</module-option>
|
| <module-option
name="unauthenticatedIdentity">anonymous</module-option>
| <module-option
name="storeDigestCallback">org.jboss.ws.extensions.security.auth.callback.UsernameTokenCallback</module-option>
|
| </login-module>
| </authentication>
| </application-policy>
|
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4257157#...
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...