Could you paste the API example?
Elytron use concept of modifiable security realms, but jdbc-realm is not one of them. So I doubt so.
This is the PicketLink code we use to create the DB users:
Realm realm = partitionManager.getPartition(Realm.class, IdentityManagementConfiguration.DB_PARTITION);
IdentityManager identityManager = partitionManager.createIdentityManager(realm);
User user = new User(username);
identityManager.updateCredential(user, new Password(password));
to replace this in Elytron we basically need to know how to create the password hash to put in the DB (we are using bcrypt).
ok, it looks like the required code to create hashed password is here:
When creating the bcrypt password mapper, does the salt and iterations have to come from the database, or can they be set as constant values in standalone.xml?
Example code for anyone else who needs to do this:
byte salt = PasswordUtil.generateRandomSalt(BCRYPT_SALT_SIZE);
PasswordFactory factory = PasswordFactory.getInstance(ALGORITHM_BCRYPT);
BCryptPassword bcrypt = (BCryptPassword) factory.generatePassword(new EncryptablePasswordSpec(
password.toCharArray(), new IteratedSaltedPasswordAlgorithmSpec(DEFAULT_ITERATION_COUNT, salt)));
You then have to store the hash, salt and iterations in the user DB.