[jboss-user] [Security] - Re: JBoss 4.2.3 and Security Annotations
do-not-reply at jboss.com
Tue Aug 25 13:43:50 EDT 2009
I've been making a lot of progress, and I'm finally able to log in using DatabaseServerLoginModule with clear text passwords in my DB. So thanks for all the help so far.
Ideally, I'd like to configure the module to use encrypted passwords though. I'm using AES encryption in my database and have a secret key to encrypt/decrypt them. Is there a way to do this? I see in the docs at http://www.jboss.org/community/wiki/DatabaseServerLoginModule that you can specify a hashAlgorithm and hashEncoding, but I don't see anything about how to apply your secret key. Am I missing something? Wouldn't I have to configure it to use my secret key in order to hash the password correctly?
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4251622#4251622
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4251622
More information about the jboss-user