3 Replies Latest reply on Aug 4, 2016 8:37 AM by Krashan Brahmanjara

    WF10,WS-Security,  password digest work only with plain text password in properites file

    Krashan Brahmanjara Newbie

      Hi

       

      I got working configuration with plain text password in properites file.  

      How to change this configuration to use hashed passwords in ws-users.properties file?  Change hashStorePassword to false doesn't help.

       

      <security-domain name="JBossWS-PASSWORDDIGEST">

                          <authentication>

                              <login-module code="UsersRoles" flag="required">

                                  <module-option name="usersProperties" value="${jboss.server.config.dir}/ws-users.properties"/>

                                  <module-option name="rolesProperties" value="${jboss.server.config.dir}/ws-roles.properties"/>

                                  <module-option name="hashAlgorithm" value="SHA"/>

                                  <module-option name="hashEncoding" value="BASE64"/>

                                  <module-option name="hashUserPassword" value="false"/>

                                  <module-option name="hashStorePassword" value="true"/>

                                  <module-option name="passwordIsA1Hash" value="true"/>

                                  <module-option name="storeDigestCallback" value="org.jboss.wsf.stack.cxf.security.authentication.callback.UsernameTokenCallback"/>

                              </login-module>

                          </authentication>

                      </security-domain>