1 Reply Latest reply on Mar 5, 2004 1:41 AM by Scott Stark

    Hierachy of Jaas Roles

    zalia Newbie

      I want to create a hierachy of roles that will support inherited rights.

       /**
       * @ejb.interface-method
       * @ejb.permission
       * role-name = "Admin, Managers, Customers"
       *
       * @param menu
       * @return
       * @throws MenuCreateException
       */
      


      For example, the role "Manager" will then have sub-roles "Finance" & "Marketing".
      Does the DatabaseServerLoginModule support this ?

      Thanks a million

      Zalia

        • 1. DatabaseServerLoginModule with MD5 not working for me
          Scott Stark Master

          Hi,

          I've got this login module working with no hashing, but when I introduce the md5 hash, it fails to authenticate my users.

          I have previously stored the hashed passwords in the database using this routine called from ejbStore

          public static String md5Hash(String source)
          {
          try{
          // Obtain a message digest object.
          MessageDigest md = MessageDigest.getInstance("MD5");
          md.update(source.getBytes("ISO-8859-1"));
          // Calculate the digest for the given file.
          byte[] raw = md.digest();
          // Print out the digest in base64.
          BASE64Encoder encoder = new BASE64Encoder();
          return encoder.encode(raw);
          }
          catch (NoSuchAlgorithmException ae)
          {
          ae.printStackTrace();
          }
          catch (UnsupportedEncodingException ee)
          {
          ee.printStackTrace();
          }
          return "";

          }




          My application policy looks like this:
          <application-policy name="secrealm">
          <authentication>
          <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
          <module-option name="dsJndiName">java:/xpetstoreDS </module-option>
          <module-option name="principalsQuery">select pwd from T_ACCOUNT where userId=?</module-option>
          <module-option name="rolesQuery">select userRoles, roleGroup from T_ROLES where username=?</module-option>
          <module-option name="unauthenticatedIdentity">nobody</module-option>
          <module-option name="hashAlgorithm">MD5</module-option>
          <module-option name="hashEncoding">base64</module-option>
          <module-option name="hashCharset">ISO-8859-1</module-option>
          </login-module>
          </authentication>
          </application-policy>


          I took a quick look at the source code for DatabaseServerLoginModule (v1.9) and couldn't see where the hashAlgorithm setting is used (also not mentioned in the javadoc tags)

          Can anyone comment on how to get this to work?
          I am using JBoss 3.2.3

          Many Thanks
          Martin