4 Replies Latest reply on May 21, 2009 5:39 PM by danygandhi.dan.gandhi.state.nm.us

    Seam Indentity.login failure MD5 password hashing issues

    danygandhi.dan.gandhi.state.nm.us

      Hi Guys,
      I setup everything as mentioned in the seam space example,except for creating user,i am not using Identitymanager to create,because i have additional information of the user to be commited to the DB.anyways in the process of manually adding the use to DB,i am hashing the password to MD5 using the logic provided by password hashing section in seam security tutorial.But the login still fails.when i set the hash to none in my users call,the login works normally but when i change it to MD5 and test it against a user with a MD5 salted hash generated from code the login fails.Please give me some direction on what i am doing wrong.Here is a code snippet of my users class if that helps.



      Column(name = "USER_NAME", unique = true, nullable = false, length = 30)
           @NotNull @UserPrincipal
           @Length(max = 30)
           public String getUserName() {
                //log.info("password :"+ cr.getPassword());
                return this.userName;
           }
      
           public void setUserName(String userName) {
                //log.info("username :"+ userName);
                this.userName = userName;
           }
      
           @Column(name = "PASSWORD_HASH", nullable = false, length = 50)
           @NotNull 
           @UserPassword(hash = "NONE")
           @Length(max = 50)
           public String getPasswordHash() {
                return this.passwordHash;
           }
      
           public void setPasswordHash(String passwordHash) {
                //log.info("password :"+ passwordHash);
                this.passwordHash = passwordHash;
           }




      and here is the code snippet of my login.xhtml



                                              <h:form id="login">
                                                   <div
                                                        style="margin: 0 auto; text-align: left; margin-top: 30px; width: 350px;">
                                                   
                                                   <br />
                                                   <h:messages globalOnly="true"/>
                                                   <rich:panel>
                                                        <f:facet name="header">Login</f:facet>
                                                        <ui:remove><h:messages globalOnly="false" styleClass="message"
                                                             errorClass="errormsg" infoClass="infomsg" warnClass="warnmsg"/>
                                                        <rich:messages id="ajaxmsgs" globalOnly="false"
                          styleClass="message" errorClass="errormsg" infoClass="infomsg"
                          warnClass="warnmsg" ajaxRendered="true"
                          rendered="#{showGlobalMessages != 'false'}" />     </ui:remove>
                                                        <div class="dialog"><h:panelGrid columns="2"
                                                             rowClasses="prop" columnClasses="name,value">
                                                             <h:outputLabel for="username">Username</h:outputLabel>
                                                             <h:inputText id="username" value="#{identity.username}" />
                                                             <h:outputLabel for="password">Password</h:outputLabel>
                                                             <h:inputSecret id="password" value="#{identity.password}" />
                                                        </h:panelGrid></div>
                                                        
                               
                                                   </rich:panel>
                                                   <div class="actionButtons" style="text-align: center"><h:commandButton
                                                        value="Login" action="#{identity.login}" /></div>
                                                   
                                                   <br />
                                                   
                                                   </div>
                                              </h:form>