[jboss-user] [Security & JAAS/JBoss] - Obtain the plaintext password in LoginModule
filip.majernik
do-not-reply at jboss.com
Wed Jun 18 10:02:48 EDT 2008
Hi everybody,
I am coding a custom LoginModule for jboss to work with a web application(using j_security_check and FORM based authentication). MyLoginModule class implements the LoginModule interface. What I want to do is try to connect to an Oracle database with the username and password provided from the webapp and return true if it succeeds.
My problem is: I use the PasswordCallback and than the method getPassword():
...
NameCallback nameCallback = new NameCallback("Username"); PasswordCallback passwordCallback = new PasswordCallback("Password", true);
Callback[] callbacks = new Callback[]{nameCallback, passwordCallback};
try {
callbackHandler.handle(callbacks);
username = nameCallback.getName();
char[] password = passwordCallback.getPassword();
...
But the password I obtain is encrypted (I suppose some message diggest) and therefor my attempt to connect to the database always fails.
If anyone knows how to get the password in plaintext, please help.
Thanks,
Filip
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4158997#4158997
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4158997
More information about the jboss-user
mailing list