Hi,

I have configured an LDAPLoginModule for my IPlanet LDAP server. There's no problem with that.

Now I want to secure the authentication by adding a hashAlgorithm parameter to the LoginModule so that the password isn't send in clear text over the network.

In my iPlanet5.1 I have configured SHA for hashing the password, iPlanet description says that SHA-1 is used in this case.

So I added the hashAlgorithm option with value "SHA-1" to my LDAPLoginModule in the login-config. The value "SHA-1" seems to be recognized because I get an appropriate error when using a non-valid value.

But now the login fails (see error below). I tried to change the hashEncoding but that also didn't work.

Any ideas?

Andreas

BTW, I use jboss-3.0.4 / tomcat-4.1.12

--------------------------------

15:18:13,453 ERROR [LdapLoginModule] Failed to validate password
javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials
]
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2731)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2677)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2478)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2395)
at com.sun.jndi.ldap.LdapCtx.(LdapCtx.java:239)
...