This content has been marked as final.
Show 1 reply
-
1. Re: storing encrypted password?
pearl81 Mar 25, 2004 10:53 PM (in response to jkim9)You can store the MD5 hash of the password instead of the password itself.
Hence instead of storing
hellouser=hellopassword you can store
hellouser=<MD5 Hash of the hellopassword in base64 or hex format>
and then in your login-config.xml you can mention the following for your JAAS group
<application-policy name = "HelloGroup">
<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag = "required" >
<module-option name="usersProperties">users.properties</module-option>
<module-option name="hashAlgorithm">MD5</module-option>
<module-option name="hashEncoding">hex</module-option>
<module-option name="unauthenticatedIdentity">nobody</module-option>
</login-module>