2 Replies Latest reply on Dec 14, 2006 1:46 AM by purna_cherukuri

    how to disable password-stacking property

    purna_cherukuri
    purna_cherukuri Nov 29, 2006 7:18 AM

      Hi,

      I am using JBoss-portal-4.0.2. I have a problem with jass code. I want to disable the password stacking option. How can i do it?

      <application-policy name="portal">
 <authentication>
 <login-module code="com.tsky.customlogin.CustomLoginModule" flag="required">
 <module-option name="unauthenticatedIdentity">guest</module-option>
 <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
 <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
 <module-option name="additionalRole">Authenticated</module-option>
 <module-option name="password-stacking">useFirstPass </module-option>
 </login-module>
 </authentication>
 </application-policy>


      This is the application policy code that i am using.

      Can anyone help me out in this?

      Thanks in advance....

      • 1538 Views
      • Tags:
        • 1. Re: how to disable password-stacking property
          starksm64
          starksm64 Dec 9, 2006 11:46 AM (in response to purna_cherukuri)

          Remove the module-option

            • Actions
          • 2. Re: how to disable password-stacking property
            purna_cherukuri
            purna_cherukuri Dec 14, 2006 1:46 AM (in response to purna_cherukuri)

            Hi,

            I have removed that option in my login-config.xml
            Now my login-config.xml is like this.

            <?xml version='1.0'?>
<!DOCTYPE policy PUBLIC
 "-//JBoss//DTD JBOSS Security Config 3.0//EN"
 "http://www.jboss.org/j2ee/dtd/security_config.dtd">
<policy>
 <!-- For the JCR CMS -->
 <application-policy name="cms">
 <authentication>
 <login-module code="org.apache.jackrabbit.core.security.SimpleLoginModule" flag="required"/>
 </authentication>
 </application-policy>

 <application-policy name="portal">
 <authentication>
 <login-module code="com.tsky.customlogin.CustomLoginModule" flag="required">
 <module-option name="unauthenticatedIdentity">guest</module-option>
 <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
 <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
 <module-option name="additionalRole">Authenticated</module-option>
 </login-module>
 </authentication>
 </application-policy>
</policy>


            It is still caching the username and passwords. I want it to go to CustomLoginModule each time.
            Can anyone help me out in this?



              • Actions