-
1. Re: Howto encrypt connection factory passwords
starksm64 Feb 5, 2004 2:32 AM (in response to starksm64)The code for the SecureIdentityLoginMdule may be view from the cvs browser here:
http://cvs.sourceforge.net/viewcvs.py/jboss/jbosscx/src/main/org/jboss/resource/security/SecureIdentityLoginMdule.java?only_with_tag=Branch_3_2
This will take 24 hours to be visible since the viewer runs off of the anonymous cvs repository. -
2. Re: Howto encrypt connection factory passwords
emmaueze Mar 30, 2004 1:00 PM (in response to starksm64)How do I generate the ecrypted password to use in conf/login-config.xml file?
Thanks
Emmanuel -
3. Re: Howto encrypt connection factory passwords
starksm64 Mar 30, 2004 1:30 PM (in response to starksm64)Get the SecureIdentityLoginModule code and look at the main method.
[starksm@banshee jboss-3.2.4RC2]$ java -cp 'lib/jboss-jmx.jar;lib/jboss-common.jar;server/default/deploy/jboss-jca.sar;server/default/lib/jbosssx.jar' org.jboss.resource.security.SecureIdentityLoginModule password Encoded password: 5dfc52b51bd35553df8592078de921bc
-
4. Re: Howto encrypt connection factory passwords
emmaueze Mar 30, 2004 1:52 PM (in response to starksm64)I ran it but it threw the following Exception :
Exception in thread "main" java.lang.NoClassDefFoundError: org/jboss/resource/security/SecureIdentityLoginModule
I'm running Jboss-3.2.3.
Thanks
Emmanuel -
5. Re: Howto encrypt connection factory passwords
adrian.brock Mar 30, 2004 5:06 PM (in response to starksm64)It is in jboss-3.2.4RC1
Regards,
Adrian -
6. Re: Howto encrypt connection factory passwords
emmaueze Apr 14, 2004 10:50 AM (in response to starksm64)everything seem to be fine now. I added the authentication tag to login-config.xml and it works. so everything now looks like this:
<application-policy name = "MsqlDbRealm">
<login-module code = "org.jboss.resource.security.SecureIdentityLoginModule"
flag = "required">
<module-option name = "username">theuser</module-option>
<module-option name = "password">3f1eade193525626</module-option>
<module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=MYDATASRC</module-option>
</login-module>
</application-policy> -
7. Re: Howto encrypt connection factory passwords
nuwunuwu Jun 16, 2004 2:23 AM (in response to starksm64)Can not generate encoded password using IndentityLoginModule.
I included jce.jar and jboss-jaas.jar, otherwise there was another exception.
F:\jboss-3.2.4RC1>java -cp C:\j2sdk1.4.1_03\jre\lib\jce.jar;F:\jboss-3.2.4RC1\cl
ient\jboss-jaas.jar;lib\jboss-jmx.jar;lib\jboss-common.jar;server\default\deploy
\jboss-jca.jar;server\default\lib\jbosssx.jar org.jboss.resource.security.Secure
IdentityLoginModule password
Exception in thread "main" java.lang.NoSuchMethodError
at javax.crypto.SunJCE_b.(DashoA6275)
at javax.crypto.Cipher.a(DashoA6275)
at javax.crypto.Cipher.getInstance(DashoA6275)
at org.jboss.resource.security.SecureIdentityLoginModule.encode(SecureId
entityLoginModule.java:131)
at org.jboss.resource.security.SecureIdentityLoginModule.main(SecureIden
tityLoginModule.java:161) -
8. Re: Howto encrypt connection factory passwords
burrifro Jun 23, 2004 7:56 PM (in response to starksm64)So what is sent to the database, the hashed password? How does the database know it is the hash?
-
9. Re: Howto encrypt connection factory passwords
burrifro Jun 24, 2004 5:22 PM (in response to starksm64)I keep getting the following error message. Does anyone know this means?
2004-06-24 16:14:02,031 ERROR [org.jboss.resource.security.AbstractPasswordCredentialLoginModule] The ConnectionManager mbean: jboss.jca:servce=LocalTxCM,name=OracleDB specified in a ConfiguredIdentityLoginModule could not be found. ConnectionFactory will be unusable!
2004-06-24 16:14:02,031 INFO [STDOUT] java.lang.SecurityException: Invalid authentication attempt, principal=null -
10. Re: Howto encrypt connection factory passwords
agent82_a Jul 8, 2004 1:26 AM (in response to starksm64)It's an encrypted form of the password, not the hashed of the password. The encrypted form of the password will be decrypted before sending it to the database.
If it is a hashed password, then there's no way to convert that hash value to the original password.
correct me if i'm wrong. -
11. Re: Howto encrypt connection factory passwords
juha Jan 14, 2005 8:37 AM (in response to starksm64)Changed for 4.0.1, the command line is as follows:
$ java -cp "lib/jboss-jmx.jar;lib/jboss-common.jar;server/default/lib/jboss-jca.jar;server/default/lib/jbosssx.jar"
org.jboss.resource.security.SecureIdentityLoginModule password
Encoded password: 5dfc52b51bd35553df8592078de921bc -
12. Re: Howto encrypt connection factory passwords
jitubats May 25, 2007 12:26 PM (in response to starksm64)Is there a way I can store passwords not in login-config.xml.
I am trying to store all my encrypted passwords in either -ds.xml file or another file outside the conf directory.
Thanks,
Jitesh