4 Replies Latest reply on Oct 14, 2005 3:23 AM by sburkard

    login-config works, but not with MD5

    sburkard

      hi there

      I've got a problem with the login-configuration (DatabaseServerLoginModule) of jboss - as soon as I use md5-hashed passwords.

      for testing purposes, I have a mix of hashed and cleartext passwords in my database.

      when I comment out the following line in login-config.xml, I can successfully log in with all accounts that have a clear-text password.
      <module-option name="hashAlgorithm">MD5</module-option>

      but when I activate the md5-line in login-config, I can't log in with accounts that have hashed passwords (and of course with clear-text passwords it doesn't work either)

      if I hash the word "test" to md5 and encode it with base64 (according to docs standard for md5 in jboss) I get "098F6BCD4621D373CADE4E832627B4F6" with standard 32 characters.

      any help would be fine. thanks in advance.
      stefan

        • 1. Re: login-config works, but not with MD5
          nehring

          I don't have the answer to your problem, but you didn't use base64 encoding. The value "098f6bcd4621d373cade4e832627b4f6" is a hex-encoded MD5 hash of the word "test". The base64-encoded value is "dGVzdA==".

          • 2. Re: login-config works, but not with MD5
            nehring

            Oops, I got ahead of myself. The word 'test' as an MD5 hash encodes to:

            Hex: 098f6bcd4621d373cade4e832627b4f6
            Base64: CY9rzUYh03PK3k6DJie09g

            Here's a small Perl script that I used.

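            #!/usr/bin/perl
            use strict;
            use warnings;
            use Digest::MD5 qw(md5_hex md5_base64);

            # MD5 of 'test' as lowercase hex (32 characters)
            my $digesthex = md5_hex('test');
            # Same digest as base64; md5_base64 omits the trailing "==" padding
            my $digest = md5_base64('test');
            printf("Hex: %s\n", $digesthex);
            printf("Base64: %s\n", $digest);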
            


            • 3. Re: login-config works, but not with MD5
              elkner

              echo -n "test" | openssl dgst -md5 -binary | openssl base64

              does the same ;-)

              • 4. Re: login-config works, but not with MD5
                sburkard

                Put the flags out; it works!

                After switching from base64 to hex I also had to add the "ignorePasswordCase" with argument true because the hashed passwords in my database (generated by another system) use uppercase characters in the hashes.

                Thanks a lot for your help!
                stefan
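
Added example (not part of the original thread and not JBoss code): a Python check that produces the hex and base64 forms of an MD5 digest discussed above, guesses which form a stored value uses, and shows why an uppercase hex value only matches under a case-insensitive comparison. The function names are hypothetical, and the `ignore_case` flag only mimics the effect described for "ignorePasswordCase".

```python
import base64
import hashlib
import hmac


def md5_encodings(password: str) -> dict:
    """MD5 of `password` in the three text forms that appear in the thread."""
    digest = hashlib.md5(password.encode("utf-8")).digest()
    b64 = base64.b64encode(digest).decode("ascii")
    return {
        "hex": digest.hex(),                 # 32 chars, lowercase
        "base64": b64,                       # 24 chars, "==" padded (openssl base64)
        "base64_unpadded": b64.rstrip("="),  # 22 chars (Perl md5_base64)
    }


def classify_stored_hash(stored: str) -> str:
    """Guess the encoding of a stored 16-byte digest from its shape alone."""
    value = stored.strip()
    try:
        if len(value) == 32 and len(bytes.fromhex(value)) == 16:
            return "hex"
        if len(value) in (22, 24):
            padded = value + "=" * (-len(value) % 4)
            if len(base64.b64decode(padded, validate=True)) == 16:
                return "base64"
    except ValueError:  # binascii.Error is a ValueError subclass
        pass
    return "unknown"


def matches(stored: str, password: str, encoding: str, ignore_case: bool = False) -> bool:
    """Compare a stored value with the expected digest text for `encoding`."""
    expected = md5_encodings(password)[encoding]
    if ignore_case:  # only meaningful for hex; base64 is case-sensitive
        stored, expected = stored.lower(), expected.lower()
    return hmac.compare_digest(stored.encode(), expected.encode())


if __name__ == "__main__":
    stored = "098F6BCD4621D373CADE4E832627B4F6"  # value quoted in the first post
    print(classify_stored_hash(stored))
    for enc in ("hex", "base64"):
        print(enc, matches(stored, "test", enc), matches(stored, "test", enc, True))
```

Running `classify_stored_hash` over the password column before choosing the login module's encoding setting shows whether the other system wrote hex or base64, and whether the hex is upper or lower case.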