2 Replies Latest reply on Oct 8, 2011 8:49 AM by iabughosh

JBoss 6 with DatabaseServerLoginModule DIGEST auth

iabughosh Oct 5, 2011 6:09 PM

Dears,

I'm using JBoss 6 as my AS, I've successfully done my DatabaseServerLoginModule configuration and it is just working fine with BASIC authentication,

but I'm trying to use DIGEST authentication since it is better than just plain text transfer (BASIC), but it is not working ?? here is my login-config.xml :

<application-policy name="testDB">

<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule"

flag="required">

<module-option name="dsJndiName">java:/MyDatabaseDS</module-option>

<module-option name="principalsQuery">myPrinQuery</module-option>

<module-option name="rolesQuery">myRoleQuery</module-option>

<module-option name="hashAlgorithm">SHA</module-option>

<module-option name="hashEncoding">base64</module-option>

<module-option name="hashStorePassword">true</module-option>

</login-module>

</authentication>

</application-policy>

</policy>

and i'm using this code to hash my passwords :

String hashedPassword = Util.createPasswordHash("SHA",

Util.BASE64_ENCODING,

null,

"password");

thanks in advance.

1. Re: JBoss 6 with DatabaseServerLoginModule DIGEST auth

mp911de Oct 7, 2011 1:19 AM (in response to iabughosh)

Hi Ibrahim,
looks good for the first look. I found a post which says, the hashEncoding needs do be some RFC2617...Take a look on http://stackoverflow.com/questions/3078048/how-to-configure-jboss-databaseserverloginmodule-for-digest-authentication-in-a-w, perhaps it can help you.

Best regards,
Mark
Actions
2. Re: JBoss 6 with DatabaseServerLoginModule DIGEST auth

iabughosh Oct 8, 2011 8:49 AM (in response to mp911de)

thanks for your reply Paluch, but i saw this link earlier with no help, anyway I've switched to FORM authentication but i have another problem.
Actions

Go to original post