5 Replies Latest reply on May 12, 2009 9:34 AM by wolfgangknauf

Issue in encrypting the password using MD5

tonyjim May 7, 2009 11:59 PM

I am using JBoss 4.2.2GA application server with Struts and EJB.
I am trying to encrypt the password using the message digest - MD5(given below) and store it in the mysql DB.
Using DatabaseServerLoginModule, I am trying to authenticate, but it's failing. Please help on this.
Please help whether any configuration setting needs to be done.

login.config.xml
==================

<application-policy name="testDB">
 <authentication>
 <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
 flag="required">
 
 <module-option name="hashAlgorithm">MD5</module-option>
 <module-option name="hashEncoding">base64</module-option>
 <module-option name="hashUserPassword">true</module-option>
 <module-option name="hashStorePassword">true</module-option>

 <module-option name="dsJndiName">java:/MySqlDS</module-option>
 <module-option name="principalsQuery">
 select passwd from Users username where username=?</module-option>
 <module-option name="rolesQuery">
 select userRoles, 'Roles' from UserRoles where username=?</module-option>
 </login-module>
 </authentication>
 </application-policy>

I am using the below program to encrypt the password using MD5 and storing the encrypted value "5f4dcc3b5aa765d61d8327deb882cf99" in mysql table

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

public class MainClass {
 public static void main(String args[]) throws Exception {
 String sessionid = "password";
 byte[] defaultBytes = sessionid.getBytes();
 System.out.println("defaultBytes ::"+defaultBytes);
 try{
 MessageDigest algorithm = MessageDigest.getInstance("MD5");
 algorithm.reset();
 algorithm.update(defaultBytes);
 byte messageDigest[] = algorithm.digest();

 StringBuffer hexString = new StringBuffer();
 for (int i=0;i<messageDigest.length;i++) {
 hexString.append(Integer.toHexString(0xFF & messageDigest));
 }
 String foo = messageDigest.toString();
 System.out.println("sessionid "+sessionid+" md5 version is "+hexString.toString());
 System.out.println("foo "+foo);
 sessionid=hexString+"";
 }catch(NoSuchAlgorithmException nsae){

 }
 }
 }

 output:
 -------
 defaultBytes ::[B@192d342
 sessionid password md5 version is 5f4dcc3b5aa765d61d8327deb882cf99
 foo [B@167d940

my mysql tables

mysql> select * from userroles;
+----------+-----------+
| username | userRoles |
+----------+-----------+
| ram | admin |
| sachin | guest |
| tiger | admin |
+----------+-----------+
3 rows in set (0.14 sec)

mysql> select * from users;
+----------+----------------------------------+
| username | passwd |
+----------+----------------------------------+
| ram | passwd |
| sachin | passwd |
| tiger | 5f4dcc3b5aa765d61d8327deb882cf99 |
+----------+----------------------------------+
3 rows in set (0.17 sec)

Geting the error message:

19:51:29,212 DEBUG [DatabaseServerLoginModule] Bad password for username=tiger

web.xml
==========

 <security-constraint>
 <web-resource-collection>
 <web-resource-name>Testing</web-resource-name>
 <url-pattern>/*</url-pattern>
 <http-method>GET</http-method>
 <http-method>POST</http-method>
 </web-resource-collection>

 <auth-constraint>
 <role-name>admin</role-name>
 </auth-constraint>

 <user-data-constraint>
 <transport-guarantee>CONFIDENTIAL</transport-guarantee>
 </user-data-constraint>

 </security-constraint>

 <login-config>
 <auth-method>FORM</auth-method>
 <form-login-config>
 <form-login-page>/login.jsp</form-login-page>
 <form-error-page>/error.jsp</form-error-page>
 </form-login-config>
 </login-config>

 <security-role>
 <role-name>admin</role-name>
 </security-role>

But for the userid: ram and passwd, I am able to login. Whereas for the user "tiger" with the encrypted password, I couldn't able to login.
Please throw some light on it. Please help to check the configuration in login-config.xml

And I have an another doubt. If the user is attempting to enter invalid password for more than 5 times, we need to lock his account.
Whether JBoss' DatabaseServerLoginModule or any other loginmodule is providing this functionality? If not, how to achieve?]

1. Re: Issue in encrypting the password using MD5

ragavgomatam May 10, 2009 10:32 PM (in response to tonyjim)

Please turn on the log for the DataBaseLogin module and post the log
trace
Actions

2. Re: Issue in encrypting the password using MD5

tonyjim May 11, 2009 7:20 AM (in response to tonyjim)

I donot how to log it, since I am very weak at log4j. I have tried with the following. I have included both by login-config.xml anf jboss-log4j.xml file. Can you please help to advice?

<?xml version='1.0'?>
<!DOCTYPE policy PUBLIC
 "-//JBoss//DTD JBOSS Security Config 3.0//EN"
 "http://www.jboss.org/j2ee/dtd/security_config.dtd">

<!-- The XML based JAAS login configuration read by the
org.jboss.security.auth.login.XMLLoginConfig mbean. Add
an application-policy element for each security domain.

The outline of the application-policy is:
<application-policy name="security-domain-name">
 <authentication>
 <login-module code="login.module1.class.name" flag="control_flag">
 <module-option name = "option1-name">option1-value</module-option>
 <module-option name = "option2-name">option2-value</module-option>
 ...
 </login-module>

 <login-module code="login.module2.class.name" flag="control_flag">
 ...
 </login-module>
 ...
 </authentication>
</application-policy>

$Revision: 64598 $
-->

<policy>
 <!-- Used by clients within the application server VM such as
 mbeans and servlets that access EJBs.
 -->
 <application-policy name = "client-login">
 <authentication>
 <login-module code = "org.jboss.security.ClientLoginModule"
 flag = "required">
 <!-- Any existing security context will be restored on logout -->
 <module-option name="restore-login-identity">true</module-option>
 </login-module>
 </authentication>
 </application-policy>

 <!-- Security domain for JBossMQ -->
 <!--application-policy name = "jbossmq">
 <authentication>
 <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
 flag = "required">
 <module-option name = "unauthenticatedIdentity">guest</module-option>
 <module-option name = "dsJndiName">java:/DefaultDS</module-option>
 <module-option name = "principalsQuery">SELECT PASSWD FROM JMS_USERS WHERE USERID=?</module-option>
 <module-option name = "rolesQuery">SELECT ROLEID, 'Roles' FROM JMS_ROLES WHERE USERID=?</module-option>
 </login-module>
 </authentication>
 </application-policy-->

 <!-- Security domain for JBossMQ when using file-state-service.xml
 <application-policy name = "jbossmq">
 <authentication>
 <login-module code = "org.jboss.mq.sm.file.DynamicLoginModule"
 flag = "required">
 <module-option name = "unauthenticatedIdentity">guest</module-option>
 <module-option name = "sm.objectname">jboss.mq:service=StateManager</module-option>
 </login-module>
 </authentication>
 </application-policy>
 -->

 <!-- Security domains for testing new jca framework -->
 <application-policy name = "HsqlDbRealm">
 <authentication>
 <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
 flag = "required">
 <module-option name = "principal">sa</module-option>
 <module-option name = "userName">sa</module-option>
 <module-option name = "password"></module-option>
 <module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=DefaultDS</module-option>
 </login-module>
 </authentication>
 </application-policy>

 <application-policy name = "JmsXARealm">
 <authentication>
 <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
 flag = "required">
 <module-option name = "principal">guest</module-option>
 <module-option name = "userName">guest</module-option>
 <module-option name = "password">guest</module-option>
 <module-option name = "managedConnectionFactoryName">jboss.jca:service=TxCM,name=JmsXA</module-option>
 </login-module>
 </authentication>
 </application-policy>

 <!-- A template configuration for the jmx-console web application. This
 defaults to the UsersRolesLoginModule the same as other and should be
 changed to a stronger authentication mechanism as required.
 -->
 <application-policy name = "jmx-console">
 <authentication>
 <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
 flag = "required">
 <module-option name="usersProperties">props/jmx-console-users.properties</module-option>
 <module-option name="rolesProperties">props/jmx-console-roles.properties</module-option>
 </login-module>
 </authentication>
 </application-policy>

 <!-- A template configuration for the web-console web application. This
 defaults to the UsersRolesLoginModule the same as other and should be
 changed to a stronger authentication mechanism as required.
 -->
 <application-policy name = "web-console">
 <authentication>
 <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
 flag = "required">
 <module-option name="usersProperties">web-console-users.properties</module-option>
 <module-option name="rolesProperties">web-console-roles.properties</module-option>
 </login-module>
 </authentication>
 </application-policy>

 <!--
 A template configuration for the JBossWS security domain.
 This defaults to the UsersRolesLoginModule the same as other and should be
 changed to a stronger authentication mechanism as required.
 -->
 <!--application-policy name="JBossWS">
 <authentication>
 <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
 flag="required">
 <module-option name="usersProperties">props/jbossws-users.properties</module-option>
 <module-option name="rolesProperties">props/jbossws-roles.properties</module-option>
 <module-option name="unauthenticatedIdentity">anonymous</module-option>
 </login-module>
 </authentication>
 </application-policy-->

 <!-- The default login configuration used by any security domain that
 does not have a application-policy entry with a matching name
 -->
 <application-policy name = "other">
 <!-- A simple server login module, which can be used when the number
 of users is relatively small. It uses two properties files:
 users.properties, which holds users (key) and their password (value).
 roles.properties, which holds users (key) and a comma-separated list of
 their roles (value).
 The unauthenticatedIdentity property defines the name of the principal
 that will be used when a null username and password are presented as is
 the case for an unuathenticated web client or MDB. If you want to
 allow such users to be authenticated add the property, e.g.,
 unauthenticatedIdentity="nobody"
 -->
 <authentication>
 <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
 flag = "required" />
 </authentication>
 </application-policy>


<application-policy name="testDB">
 <authentication>
 <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
 flag="required">
 <module-option name="hashAlgorithm">MD5</module-option>
 <module-option name="hashEncoding">base64</module-option>
 <module-option name="hashUserPassword">true</module-option>
 <module-option name="hashStorePassword">true</module-option>

 <module-option name="dsJndiName">java:/MySqlDS</module-option>
 <module-option name="principalsQuery">
 select passwd from Users username where username=?</module-option>
 <module-option name="rolesQuery">
 select userRoles, 'Roles' from UserRoles where username=?</module-option>
 </login-module>
 </authentication>
 </application-policy>

</policy>

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd">

<!-- ===================================================================== -->
<!-- -->
<!-- Log4j Configuration -->
<!-- -->
<!-- ===================================================================== -->

<!-- $Id: jboss-log4j.xml 65459 2007-09-19 00:25:51Z dimitris@jboss.org $ -->

<!--
 | For more configuration infromation and examples see the Jakarta Log4j
 | owebsite: http://jakarta.apache.org/log4j
 -->

<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/" debug="false">

 <!-- ================================= -->
 <!-- Preserve messages in a local file -->
 <!-- ================================= -->


<appender name="CONSOLE" class="org.apache.log4j.ConsoleAppender">
 <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"/>
 <param name="Target" value="System.out"/>
 <param name="Threshold" value="DEBUG" />

 <layout class="org.apache.log4j.PatternLayout">
 <!-- The default pattern: Date Priority [Category] Message\n -->
 <param name="ConversionPattern" value="%d{ABSOLUTE} %-5p [%c{1}] %m%n"/>
 </layout>
</appender>


 <!-- A time/date based rolling appender -->
 <appender name="FILE" class="org.jboss.logging.appender.DailyRollingFileAppender">
 <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"/>
 <param name="File" value="${jboss.server.log.dir}/server.log"/>
 <param name="Append" value="false"/>

 <!-- Rollover at midnight each day -->
 <param name="DatePattern" value="'.'yyyy-MM-dd"/>

 <!-- Rollover at the top of each hour
 <param name="DatePattern" value="'.'yyyy-MM-dd-HH"/>
 -->

 <layout class="org.apache.log4j.PatternLayout">
 <!-- The default pattern: Date Priority [Category] Message\n -->
 <param name="ConversionPattern" value="%d %-5p [%c] %m%n"/>

 <!-- The full pattern: Date MS Priority [Category] (Thread:NDC) Message\n
 <param name="ConversionPattern" value="%d %-5r %-5p [%c] (%t:%x) %m%n"/>
 -->
 </layout>
 </appender>


 <!-- A size based file rolling appender
 <appender name="FILE" class="org.jboss.logging.appender.RollingFileAppender">
 <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"/>
 <param name="File" value="${jboss.server.log.dir}/server.log"/>
 <param name="Append" value="false"/>
 <param name="MaxFileSize" value="500KB"/>
 <param name="MaxBackupIndex" value="1"/>

 <layout class="org.apache.log4j.PatternLayout">
 <param name="ConversionPattern" value="%d %-5p [%c] %m%n"/>
 </layout>
 </appender>
 -->

 <!-- ============================== -->
 <!-- Append messages to the console -->
 <!-- ============================== -->

 <appender name="CONSOLE" class="org.apache.log4j.ConsoleAppender">
 <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"/>
 <param name="Target" value="System.out"/>
 <param name="Threshold" value="INFO"/>

 <layout class="org.apache.log4j.PatternLayout">
 <!-- The default pattern: Date Priority [Category] Message\n -->
 <param name="ConversionPattern" value="%d{ABSOLUTE} %-5p [%c{1}] %m%n"/>
 </layout>
 </appender>

 <!-- ====================== -->
 <!-- More Appender examples -->
 <!-- ====================== -->

 <!-- Buffer events and log them asynchronously
 <appender name="ASYNC" class="org.apache.log4j.AsyncAppender">
 <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"/>
 <appender-ref ref="FILE"/>
 <appender-ref ref="CONSOLE"/>
 <appender-ref ref="SMTP"/>
 </appender>
 -->

 <!-- EMail events to an administrator
 <appender name="SMTP" class="org.apache.log4j.net.SMTPAppender">
 <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"/>
 <param name="Threshold" value="ERROR"/>
 <param name="To" value="admin@myhost.domain.com"/>
 <param name="From" value="nobody@myhost.domain.com"/>
 <param name="Subject" value="JBoss Sever Errors"/>
 <param name="SMTPHost" value="localhost"/>
 <param name="BufferSize" value="10"/>
 <layout class="org.apache.log4j.PatternLayout">
 <param name="ConversionPattern" value="[%d{ABSOLUTE},%c{1}] %m%n"/>
 </layout>
 </appender>
 -->

 <!-- Syslog events
 <appender name="SYSLOG" class="org.apache.log4j.net.SyslogAppender">
 <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"/>
 <param name="Facility" value="LOCAL7"/>
 <param name="FacilityPrinting" value="true"/>
 <param name="SyslogHost" value="localhost"/>
 <layout class="org.apache.log4j.PatternLayout">
 <param name="ConversionPattern" value="[%d{ABSOLUTE},%c{1}] %m%n"/>
 </layout>
 </appender>
 -->

 <!-- Log events to JMS (requires a topic to be created)
 <appender name="JMS" class="org.apache.log4j.net.JMSAppender">
 <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"/>
 <param name="Threshold" value="ERROR"/>
 <param name="TopicConnectionFactoryBindingName" value="java:/ConnectionFactory"/>
 <param name="TopicBindingName" value="topic/MyErrorsTopic"/>
 </appender>
 -->

 <!-- Log events through SNMP
 <appender name="TRAP_LOG" class="org.apache.log4j.ext.SNMPTrapAppender">
 <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"/>
 <param name="ImplementationClassName" value="org.apache.log4j.ext.JoeSNMPTrapSender"/>
 <param name="ManagementHost" value="127.0.0.1"/>
 <param name="ManagementHostTrapListenPort" value="162"/>
 <param name="EnterpriseOID" value="1.3.6.1.4.1.24.0"/>
 <param name="LocalIPAddress" value="127.0.0.1"/>
 <param name="LocalTrapSendPort" value="161"/>
 <param name="GenericTrapType" value="6"/>
 <param name="SpecificTrapType" value="12345678"/>
 <param name="CommunityString" value="public"/>
 <param name="ForwardStackTraceWithTrap" value="true"/>
 <param name="Threshold" value="DEBUG"/>
 <param name="ApplicationTrapOID" value="1.3.6.1.4.1.24.12.10.22.64"/>
 <layout class="org.apache.log4j.PatternLayout">
 <param name="ConversionPattern" value="%d,%p,[%t],[%c],%m%n"/>
 </layout>
 </appender>
 -->

 <!-- Emit events as JMX notifications
 <appender name="JMX" class="org.jboss.monitor.services.JMXNotificationAppender">
 <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"/>

 <param name="Threshold" value="WARN"/>
 <param name="ObjectName" value="jboss.system:service=Logging,type=JMXNotificationAppender"/>

 <layout class="org.apache.log4j.PatternLayout">
 <param name="ConversionPattern" value="%d %-5p [%c] %m"/>
 </layout>
 </appender>
 -->

 <!-- ================ -->
 <!-- Limit categories -->
 <!-- ================ -->

 <!-- Added by Micheal John --->
 <!--category name="org.jboss.security">
 <priority value="TRACE"/>
 </category-->


 <category name="org.jboss.ejb.plugins.cmp">
 <priority value="DEBUG"/>
 </category>

 <category name="org.jboss.ejb.plugins.cmp">
 <priority value="TRACE" class="org.jboss.logging.XLevel"/>
 </category>

 <!-- Limit the org.apache category to INFO as its DEBUG is verbose -->
 <category name="org.apache">
 <priority value="INFO"/>
 </category>

 <!-- Limit the jacorb category to WARN as its INFO is verbose -->
 <category name="jacorb">
 <priority value="WARN"/>
 </category>

 <!-- Limit the org.jgroups category to WARN as its INFO is verbose -->
 <category name="org.jgroups">
 <priority value="WARN"/>
 </category>

 <!-- Limit the org.quartz category to INFO as its DEBUG is verbose -->
 <category name="org.quartz">
 <priority value="INFO"/>
 </category>

 <!-- Limit JBoss categories
 <category name="org.jboss">
 <priority value="INFO"/>
 </category>
 -->

 <!-- Limit the JSR77 categories -->
 <category name="org.jboss.management">
 <priority value="INFO"/>
 </category>

 <!-- Show the evolution of the DataSource pool in the logs [inUse/Available/Max]
 <category name="org.jboss.resource.connectionmanager.JBossManagedConnectionPool">
 <priority value="TRACE"/>
 </category>
 -->

 <!-- Limit the org.jboss.serial (jboss-serialization) to INFO as its DEBUG is verbose -->
 <category name="org.jboss.serial">
 <priority value="INFO"/>
 </category>

 <!-- Decrease the priority threshold for the org.jboss.varia category
 <category name="org.jboss.varia">
 <priority value="DEBUG"/>
 </category>
 -->

 <!-- Enable JBossWS message tracing
 <category name="org.jboss.ws.core.MessageTrace">
 <priority value="TRACE"/>
 </category>
 -->

 <!--
 | An example of enabling the custom TRACE level priority that is used
 | by the JBoss internals to diagnose low level details. This example
 | turns on TRACE level msgs for the org.jboss.ejb.plugins package and its
 | subpackages. This will produce A LOT of logging output.
 |
 | Note: since jboss AS 4.2.x, the trace level is supported natively by
 | log4j, so although the custom org.jboss.logging.XLevel priority will
 | still work, there is no need to use it. The two examples that follow
 | will both enable trace logging.
 <category name="org.jboss.system">
 <priority value="TRACE" class="org.jboss.logging.XLevel"/>
 </category>
 <category name="org.jboss.ejb.plugins">
 <priority value="TRACE"/>
 </category>
 -->

 <!--
 | Logs these events to SNMP:
 - server starts/stops
 - cluster evolution (node death/startup)
 - When an EJB archive is deployed (and associated verified messages)
 - When an EAR archive is deployed

 <category name="org.jboss.system.server.Server">
 <priority value="INFO" />
 <appender-ref ref="TRAP_LOG"/>
 </category>

 <category name="org.jboss.ha.framework.interfaces.HAPartition.lifecycle">
 <priority value="INFO" />
 <appender-ref ref="TRAP_LOG"/>
 </category>

 <category name="org.jboss.deployment.MainDeployer">
 <priority value="ERROR" />
 <appender-ref ref="TRAP_LOG"/>
 </category>

 <category name="org.jboss.ejb.EJBDeployer">
 <priority value="INFO" />
 <appender-ref ref="TRAP_LOG"/>
 </category>

 <category name="org.jboss.deployment.EARDeployer">
 <priority value="INFO" />
 <appender-ref ref="TRAP_LOG"/>
 </category>
 -->

 <!-- Clustering logging -->
 <!-- Uncomment the following to redirect the org.jgroups and
 org.jboss.ha categories to a cluster.log file.

 <appender name="CLUSTER" class="org.jboss.logging.appender.RollingFileAppender">
 <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"/>
 <param name="File" value="${jboss.server.log.dir}/cluster.log"/>
 <param name="Append" value="false"/>
 <param name="MaxFileSize" value="500KB"/>
 <param name="MaxBackupIndex" value="1"/>

 <layout class="org.apache.log4j.PatternLayout">
 <param name="ConversionPattern" value="%d %-5p [%c] %m%n"/>
 </layout>
 </appender>
 <category name="org.jgroups">
 <priority value="DEBUG" />
 <appender-ref ref="CLUSTER"/>
 </category>
 <category name="org.jboss.ha">
 <priority value="DEBUG" />
 <appender-ref ref="CLUSTER"/>
 </category>
 -->

 <!-- ======================= -->
 <!-- Setup the Root category -->
 <!-- ======================= -->

 <root>
 <appender-ref ref="CONSOLE"/>
 <appender-ref ref="FILE"/>
 </root>

</log4j:configuration>

3. Re: Issue in encrypting the password using MD5

wolfgangknauf May 12, 2009 4:46 AM (in response to tonyjim)

Hi,

for the logging: I think you are nearly done. But you declared the "CONSOLE" appender twice. Remove one, and set the "Threshold" of the remaining one to "TRACE".

Hope this helps

Wolfgang
Actions

4. Re: Issue in encrypting the password using MD5

tonyjim May 12, 2009 7:45 AM (in response to tonyjim)

I have updatd the jboss-log4j.xml file as below. But no output is generated.
I have started the JBoss Server in Debug Mode in MyEclipse IDE.
Please advice.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd">

<!-- ===================================================================== -->
<!-- -->
<!-- Log4j Configuration -->
<!-- -->
<!-- ===================================================================== -->

<!-- $Id: jboss-log4j.xml 65459 2007-09-19 00:25:51Z dimitris@jboss.org $ -->

<!--
 | For more configuration infromation and examples see the Jakarta Log4j
 | owebsite: http://jakarta.apache.org/log4j
 -->

<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/" debug="false">

 <!-- ================================= -->
 <!-- Preserve messages in a local file -->
 <!-- ================================= -->

 <!-- A time/date based rolling appender -->
 <appender name="FILE" class="org.jboss.logging.appender.DailyRollingFileAppender">
 <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"/>
 <param name="File" value="${jboss.server.log.dir}/server.log"/>
 <param name="Append" value="false"/>

 <!-- Rollover at midnight each day -->
 <param name="DatePattern" value="'.'yyyy-MM-dd"/>

 <!-- Rollover at the top of each hour
 <param name="DatePattern" value="'.'yyyy-MM-dd-HH"/>
 -->

 <layout class="org.apache.log4j.PatternLayout">
 <!-- The default pattern: Date Priority [Category] Message\n -->
 <param name="ConversionPattern" value="%d %-5p [%c] %m%n"/>

 <!-- The full pattern: Date MS Priority [Category] (Thread:NDC) Message\n
 <param name="ConversionPattern" value="%d %-5r %-5p [%c] (%t:%x) %m%n"/>
 -->
 </layout>
 </appender>


 <!-- ============================== -->
 <!-- Append messages to the console -->
 <!-- ============================== -->

 <appender name="CONSOLE" class="org.apache.log4j.ConsoleAppender">
 <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"/>
 <param name="Target" value="System.out"/>

 <!-- Changed by Mike for logging Databaseloginmodule -JBoss -->
 <!--param name="Threshold" value="INFO"/-->
 <param name="Threshold" value="DEBUG"/>

 <layout class="org.apache.log4j.PatternLayout">
 <!-- The default pattern: Date Priority [Category] Message\n -->
 <param name="ConversionPattern" value="%d{ABSOLUTE} %-5p [%c{1}] %m%n"/>
 </layout>
 </appender>

 <!-- ================ -->
 <!-- Limit categories -->
 <!-- ================ -->

 <!-- Added by Micheal John --->
 <category name="org.jboss.security">
 <priority value="DEBUG"/>
 </category>

 <category name="org.jboss.ejb.plugins.cmp">
 <priority value="DEBUG"/>
 </category>

 <category name="org.jboss.ejb.plugins.cmp">
 <priority value="TRACE" class="org.jboss.logging.XLevel"/>
 </category>

 <!-- Limit the org.apache category to INFO as its DEBUG is verbose -->
 <category name="org.apache">
 <priority value="INFO"/>
 </category>

 <!-- Limit the jacorb category to WARN as its INFO is verbose -->
 <category name="jacorb">
 <priority value="WARN"/>
 </category>

 <!-- Limit the org.jgroups category to WARN as its INFO is verbose -->
 <category name="org.jgroups">
 <priority value="WARN"/>
 </category>

 <!-- Limit the org.quartz category to INFO as its DEBUG is verbose -->
 <category name="org.quartz">
 <priority value="INFO"/>
 </category>

 <!-- Limit JBoss categories
 <category name="org.jboss">
 <priority value="INFO"/>
 </category>
 -->

 <!-- Limit the JSR77 categories -->
 <category name="org.jboss.management">
 <priority value="INFO"/>
 </category>

 <!-- Limit the org.jboss.serial (jboss-serialization) to INFO as its DEBUG is verbose -->
 <category name="org.jboss.serial">
 <priority value="INFO"/>
 </category>


 <!-- ======================= -->
 <!-- Setup the Root category -->
 <!-- ======================= -->

 <root>
 <appender-ref ref="CONSOLE"/>
 <appender-ref ref="FILE"/>
 </root>

</log4j:configuration>

5. Re: Issue in encrypting the password using MD5

wolfgangknauf May 12, 2009 9:34 AM (in response to tonyjim)

Hi,

set two values from "DEBUG" to "TRACE":

<appender name="CONSOLE" class="org.apache.log4j.ConsoleAppender">
 <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"/>
 <param name="Target" value="System.out"/>
==> <param name="Threshold" value="TRACE"/>
 ...
 </appender>

and:

<category name="org.jboss.security">
==> <priority value="TRACE"/>
 <appender-ref ref="CONSOLE"/>
 </category>

In my own log4j.xml, I had added an "appender-ref" element to the categorie element

Hope this helps

Wolfgang

Go to original post