custom encryption logic in jboss login module
pradhap1125 May 24, 2017 5:56 AM
Dear All,
My application is an Identity provider which uses picketlink to generate a SAML token, and as a part of authentication I'm using the database login module of the jboss security domain. The password in my database is encrypted using the SHA-256 algorithm with UTF-8 and Base64 encoding. So in my login module I have placed these algorithms and authentication is working fine.
But if I need to place my own logic for encryption, how can I mention that in the login module? For example, if I'm using my own encoding logic instead of Base64, how do I do that? I also tried to figure out the method responsible for processing this logic in the picketbox module and tried to override it, but nothing worked. Please, can anyone help me with this? Below is the code of my database login module:
<authentication>
    <login-module code="Database" flag="required">
        <module-option name="dsJndiName" value="java:jboss/auth"/>
        <module-option name="principalsQuery" value="select password from auth where user_name=?"/>
        <module-option name="rolesQuery" value="SELECT role,'Roles' FROM role where user_name=?"/>
        <module-option name="hashAlgorithm" value="SHA-256"/>
        <module-option name="hashCharset" value="UTF-8"/>
        <module-option name="hashEncoding" value="Base64"/>
    </login-module>
</authentication>
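The respective Java encryption code is below:
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import org.apache.commons.codec.binary.Base64; // assumed: encodeBase64(byte[]) matches Apache Commons Codec
// SHA-256 over the UTF-8 bytes of the password, then Base64
MessageDigest digest = MessageDigest.getInstance("SHA-256");
byte[] hash = digest.digest(rawPassword.getBytes(StandardCharsets.UTF_8));
byte[] encoded = Base64.encodeBase64(hash);
String encryptedPassword = new String(encoded, StandardCharsets.US_ASCII); // Base64 output is ASCII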
If I'm using my own way of encoding instead of Base64, as below:
StringBuilder sb = new StringBuilder();
MessageDigest digest = MessageDigest.getInstance("SHA-256");
byte[] hash = digest.digest(rawPassword.getBytes(StandardCharsets.UTF_8));
// Append each digest byte as two lowercase hexadecimal digits
for (int i = 0; i < hash.length; i++) {
    sb.append(Integer.toString((hash[i] & 0xff) + 0x100, 16).substring(1));
}
String encryptedPassword = sb.toString();
How do I mention this encoding logic in my login module?
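
Added example, not part of the original post and not PicketBox code: it compares the loop from the post with plain lowercase base16 for every byte value, prints the result next to the Base64 form the current configuration expects, and checks a login attempt against the stored string. If the two encodings match, the stored values are ordinary hex, which the Database login module can be told to expect with the hashEncoding value hex (an assumption to confirm against the PicketBox version in use). The class and method names are hypothetical and the password is a constructed sample.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;

public class HashEncodingCheck { // hypothetical class name
    // The loop from the post, behaviour unchanged.
    static String customEncode(byte[] hash) {
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < hash.length; i++) {
            sb.append(Integer.toString((hash[i] & 0xff) + 0x100, 16).substring(1));
        }
        return sb.toString();
    }

    // Plain lowercase base16: two digits per byte, sign bit treated as unsigned.
    static String hexEncode(byte[] hash) {
        StringBuilder sb = new StringBuilder(hash.length * 2);
        for (byte b : hash) sb.append(String.format("%02x", b));
        return sb.toString();
    }

    static byte[] sha256(String rawPassword) throws Exception {
        return MessageDigest.getInstance("SHA-256").digest(rawPassword.getBytes(StandardCharsets.UTF_8));
    }

    // Check a login attempt against the stored string; isEqual compares in constant time.
    static boolean matches(String attempt, String stored) throws Exception {
        byte[] candidate = customEncode(sha256(attempt)).getBytes(StandardCharsets.US_ASCII);
        return MessageDigest.isEqual(candidate, stored.getBytes(StandardCharsets.US_ASCII));
    }

    public static void main(String[] args) throws Exception {
        // Every byte value, including those with the high bit set, must encode identically.
        for (int v = 0; v < 256; v++) {
            byte[] one = {(byte) v};
            if (!customEncode(one).equals(hexEncode(one))) throw new AssertionError("differs at " + v);
        }
        String sample = "S3cret-pass"; // constructed sample password
        byte[] hash = sha256(sample);
        String stored = customEncode(hash); // what the auth table would hold
        System.out.println("base64: " + Base64.getEncoder().encodeToString(hash));
        System.out.println("custom: " + stored);
        System.out.println("same as lowercase hex: " + stored.equals(hexEncode(hash)));
        System.out.println("correct password accepted: " + matches(sample, stored));
        System.out.println("wrong password accepted: " + matches("S3cret-pasS", stored));
    }
}
```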