This content has been marked as final.
Show 1 reply
-
1. DatabaseServerLoginModule with MD5 not working for me
starksm64 Mar 5, 2004 1:41 AM (in response to zalia)Hi,
I've got this login module working with no hashing, but when I introduce the md5 hash, it fails to authenticate my users.
I have previously stored the hashed passwords in the database using this routine called from ejbStorepublic static String md5Hash(String source)
{
try{
// Obtain a message digest object.
MessageDigest md = MessageDigest.getInstance("MD5");
md.update(source.getBytes("ISO-8859-1"));
// Calculate the digest for the given file.
byte[] raw = md.digest();
// Print out the digest in base64.
BASE64Encoder encoder = new BASE64Encoder();
return encoder.encode(raw);
}
catch (NoSuchAlgorithmException ae)
{
ae.printStackTrace();
}
catch (UnsupportedEncodingException ee)
{
ee.printStackTrace();
}
return "";
}
My application policy looks like this:<application-policy name="secrealm">
<authentication>
<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
<module-option name="dsJndiName">java:/xpetstoreDS </module-option>
<module-option name="principalsQuery">select pwd from T_ACCOUNT where userId=?</module-option>
<module-option name="rolesQuery">select userRoles, roleGroup from T_ROLES where username=?</module-option>
<module-option name="unauthenticatedIdentity">nobody</module-option>
<module-option name="hashAlgorithm">MD5</module-option>
<module-option name="hashEncoding">base64</module-option>
<module-option name="hashCharset">ISO-8859-1</module-option>
</login-module>
</authentication>
</application-policy>
I took a quick look at the source code for DatabaseServerLoginModule (v1.9) and couldn't see where the hashAlgorithm setting is used (also not mentioned in the javadoc tags)
Can anyone comment on how to get this to work?
I am using JBoss 3.2.3
Many Thanks
Martin