[jboss-user] [Security & JAAS/JBoss] - Login encryption not working

ewade Wed, 06 Dec 2006 12:21:16 -0800

I have MD5 encrypted passwords in my database. I would like the login module to 
encrypt the plain text password before comparing to the database password. I 
have the following application policy set up in the login-config.xml file:
<application-policy name = "HsqlDbRealm">
     
        <login-module code = 
"org.jboss.resource.security.ConfiguredIdentityLoginModule" flag = "required">
           <module-option name = "principal">sa</module-option>
           <module-option name = "userName">sa</module-option>
           <module-option name = "password"></module-option>
           <module-option name="hashAlgorithm">MD5</module-option>
           <module-option name ="hashEncoding">base64</module-option>
           <module-option name = 
"managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=DefaultDS</module-option>
        </login-module>
       
    </application-policy>


But its not working. My login page is treating the password as plain text and 
not encoding it before comparison. What am I missing here?
(I am using JBoss 4.0.4 with Hibernate and Postgress 8.1.4.)

Thanks for the help!
Elise Wade

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3991771#3991771

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3991771
_______________________________________________
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user

[jboss-user] [Security & JAAS/JBoss] - Login encryption not working

Reply via email to