2 Replies Latest reply on Mar 20, 2019 3:05 PM by pmorales

    Custom salt jdbc-realm

    pmorales
    pmorales Mar 20, 2019 2:45 PM

      Its possible create a custom salt? because the result of :

       

      <principal-query sql="SELECT PASSWORD FROM USER WHERE USERNAME = ?" data-source="myDS">

            <salted-simple-digest-mapper algorithm="password-salt-digest-sha-1" password-index="1" salt-index="2"/>

      </principal-query>

       

      I try with:

       

      • scram-sha-1
      • simple-digest-sha-1
      • password-salt-digest-sha-1

       

       

      but not work with any combination, the result its different to my database password result

      • 154 Views
      • Tags:
        • 1. Re: Custom salt jdbc-realm
          dlofthouse
          dlofthouse Mar 20, 2019 2:53 PM (in response to pmorales)

          At the moment no the salt must come from the query against the database although I think some alternative options to obtain the salt from the configuration could be worthwhile.

           

          Not sure which database you are using but it may be possible to define a SELECT which returns a constant value for one of the columns instead.  Not quite configuration but removes the need for it to be stored in the table.

            • Actions
          • 2. Re: Custom salt jdbc-realm
            pmorales
            pmorales Mar 20, 2019 3:05 PM (in response to pmorales)

            I use oracle, in my database, the password is stored through the sha-1 method, for example, the password value (123123) is DQpVVhzNgapwtT7FoOlRsjU0w1g = , but in the main-query query another result is obtained, there is some way to customize the value of the password that it receives

              • Actions