I have normal login which compares password and email. Now my passwords are stored as md5-hash.
I dont know how to split the query to hash to login-password.
code:
public boolean login() { try { HashMapperAction hashPassword = new HashMapperAction(); //hashPassword.hash(password) User user = (User) em.createQuery( "from User where email = :username and password = :password") .setParameter("username", identity.getUsername()) .setParameter("password", identity.getPassword()) .getSingleResult(); if(user.getUserRoles() != null) { for(UserRole ur : user.getUserRoles()) identity.addRole(ur.getType().toString()); } activeUser = user; return true; }catch(NoResultException ex) { return false; } }
HashMapperAction.hash() is the method which build md5-hash, it works for storing the passwords.
now i need an advice to compare these passwords in login process. thx
If the password is stored in the database hashed, then change the password
parameter value to the hash of the password they typed. That should allow you to compare them in the database.