I configured my standalone.xml like that:
<security-domain name="portalRealm">
<authentication>
<module-option name="hashAlgorithm" value="SHA-256"/>
<module-option name="hashEncoding" value="base64"/>
</login-module>
</authentication>
</security-domain>
</security-domains>
I updated the password in the database using the value that I got from http://insidepro.com/hashes.php?lang=eng#2.
It worked perfectly, I authenticated correctly with JAAS, but now I need to update the password with SHA-256+Base64 through my application.
I tried using the seam security Base64 class:
MessageDigest md = MessageDigest.getInstance("SHA-256");
md.update("teste".getBytes());
String shaValue = stringHexa(md.digest()); //here I get the correct SHA-256 value (46070d4bf934fb0d4b06d9e2c46e346944e322444900a435d7d9a95e6d7435f5).
org.jboss.seam.security.util.Base64.encodeBytes(shaValue); //here I get the wrong value (
NDYwNzBkNGJmOTM0ZmIwZDRiMDZkOWUyYzQ2ZTM0Njk0NGUzMjI0NDQ5MDBhNDM1ZDdkOWE5NWU2
ZDc0MzVmNQ==) instead of (RgcNS/k0+w1LBtnixG40aUTjIkRJAKQ119mpXm10NfU=)
My stringHexa method:
private String stringHexa(byte[] bytes) {
StringBuilder s = new StringBuilder();
for (int i = 0; i < bytes.length; i++) {
int parteAlta = ((bytes[i] >> 4) & 0xf) << 4;
int parteBaixa = bytes[i] & 0xf;
if (parteAlta == 0) {
s.append('0');
}
s.append(Integer.toHexString(parteAlta | parteBaixa));
}
return s.toString();
}
Does somebody know why I'm getting the incorrect Base64 value? Does JBoss AS come with its own libraries to deal with encoding and decoding?