[jboss-dev-forums] [JBoss AS 7 Development] - Re: Custom jdbc login module for remoting

[Daniel Jipa]

Daniel Jipa [https://community.jboss.org/people/danjee] created the discussion

"Re: Custom jdbc login module for remoting"

To view the discussion, visit: https://community.jboss.org/message/719089#719089

--------------------------------------------------------------
> Darran Lofthouse wrote:
> 
> > Anyway this is a combination that won't be used because users cannot be added to that properties file.
> Not really sure what you mean here - the point of the properties files is that users can be added to them.
> 

The users and passwords that will use the application should be managed in users database table not in a properties file held on application server.


> In your config I see the following line: -
> 
> > remote.connection.default.password=c4ca4238a0b923820dcc509a6f75849b
> 
> What is this password?  This property need to be the plain text password - not the pre-hashed password from the properties.

The password is hashed with md5 when saving user credentials. So it will be hashed when looking up the EJB to work like this: md5(users_password_from_password_field) = database_stored_password according to the login module
--------------------------------------------------------------

Reply to this message by going to Community
[https://community.jboss.org/message/719089#719089]

Start a new discussion in JBoss AS 7 Development at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2225]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-dev-forums/attachments/20120223/fe03da4f/attachment.html