0 Replies Latest reply on May 7, 2016 12:35 PM by kliws

    jboss 7 requires password in an encrypted form


      My problem is: I keep passwords encrypted in sql database, and JBoss rejects me when I enter them in normal (not hashed) form. What is more, when I try with their hashed forms  i.e. "X8oyfUbUbfqE9IWvAW1/3"  instead of "admin" - it's fine...

      Here is a snippet from my configuration xml file:

        <security-domain name="mysqldomain" cache-type="default">


                              <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">

                                  <module-option name="dsJndiName" value="java:/MySqlDS"/>

                                  <module-option name="principalsQuery" value="select passwd from USERS where login=?"/>

                                  <module-option name="rolesQuery" value="select role, 'Roles' from USER_ROLES where login=?"/>

                                  <module-option name="hashAlgorithm" value="MD5"/>

                                  <module-option name="hashEncoding" value="BASE64"/>

                                  <module-option name="hashStorePassword" value="true"/>

                                  <module-option name="hashUserPassword" value="true"/>




      I tried evey combination of the last two options, and both normal and encrypted password aren't correct  in the rest of the cases.


      My jboss-web.xml file:






      I would greatly appreciate any help.