2 Replies Latest reply on Mar 20, 2019 3:05 PM by Pablo Morales

    Custom salt jdbc-realm

    Pablo Morales Newbie

      Its possible create a custom salt? because the result of :

       

      <principal-query sql="SELECT PASSWORD FROM USER WHERE USERNAME = ?" data-source="myDS">

            <salted-simple-digest-mapper algorithm="password-salt-digest-sha-1" password-index="1" salt-index="2"/>

      </principal-query>

       

      I try with:

       

      • scram-sha-1
      • simple-digest-sha-1
      • password-salt-digest-sha-1

       

       

      but not work with any combination, the result its different to my database password result

        • 1. Re: Custom salt jdbc-realm
          Darran Lofthouse Master

          At the moment no the salt must come from the query against the database although I think some alternative options to obtain the salt from the configuration could be worthwhile.

           

          Not sure which database you are using but it may be possible to define a SELECT which returns a constant value for one of the columns instead.  Not quite configuration but removes the need for it to be stored in the table.

          • 2. Re: Custom salt jdbc-realm
            Pablo Morales Newbie

            I use oracle, in my database, the password is stored through the sha-1 method, for example, the password value (123123) is DQpVVhzNgapwtT7FoOlRsjU0w1g = , but in the main-query query another result is obtained, there is some way to customize the value of the password that it receives