0 Replies Latest reply on Oct 9, 2012 10:12 AM by Sai Hegde

    Using the UsersRolesLoginModule

    Sai Hegde Newbie

      I am trying to use the UsersRolesLoginModule and it does work fine when I do not use and hashing, but as soon as I use hashing to encrypt passwords, the authentication breaks

       

      Following is a snippet from the standalone.xml that I am using. Using this configuration, I am only able to authenticate if I use the plain password and not the hashed one.

       

      <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="sufficient">
                <module-option name="usersProperties" value="${jboss.server.config.dir}/users.properties"/>
                <module-option name="rolesProperties" value="${jboss.server.config.dir}/roles.properties"/>
                <module-option name="hashAlgorithm" value="MD5"/>
                <module-option name="hashEncoding" value="base64"/>
                <module-option name="hashStorePassword" value="true"/>
                <module-option name="password-stacking" value="useFirstPass"/>
      </login-module>
      
      

       

      Also if I remove

      <module-option name="hashStorePassword" value="true"/>

      from the configuration, none of the passwords work, neither the hashed nor the unhashed ones work.