2 Replies Latest reply on Dec 14, 2006 1:46 AM by Purna chand

    how to disable password-stacking property

    Purna chand Newbie

      Hi,

      I am using JBoss-portal-4.0.2. I have a problem with jass code. I want to disable the password stacking option. How can i do it?

      <application-policy name="portal">
       <authentication>
       <login-module code="com.tsky.customlogin.CustomLoginModule" flag="required">
       <module-option name="unauthenticatedIdentity">guest</module-option>
       <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
       <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
       <module-option name="additionalRole">Authenticated</module-option>
       <module-option name="password-stacking">useFirstPass </module-option>
       </login-module>
       </authentication>
       </application-policy>
      


      This is the application policy code that i am using.

      Can anyone help me out in this?

      Thanks in advance....

        • 2. Re: how to disable password-stacking property
          Purna chand Newbie

          Hi,

          I have removed that option in my login-config.xml
          Now my login-config.xml is like this.

          <?xml version='1.0'?>
          <!DOCTYPE policy PUBLIC
           "-//JBoss//DTD JBOSS Security Config 3.0//EN"
           "http://www.jboss.org/j2ee/dtd/security_config.dtd">
          <policy>
           <!-- For the JCR CMS -->
           <application-policy name="cms">
           <authentication>
           <login-module code="org.apache.jackrabbit.core.security.SimpleLoginModule" flag="required"/>
           </authentication>
           </application-policy>
          
           <application-policy name="portal">
           <authentication>
           <login-module code="com.tsky.customlogin.CustomLoginModule" flag="required">
           <module-option name="unauthenticatedIdentity">guest</module-option>
           <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
           <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
           <module-option name="additionalRole">Authenticated</module-option>
           </login-module>
           </authentication>
           </application-policy>
          </policy>


          It is still caching the username and passwords. I want it to go to CustomLoginModule each time.
          Can anyone help me out in this?