I studied docs and your link about securing datasource passwords.
Tried to make as written, but it doesn't works in my situation.
IDEA: Client is authentificated using DB via "DatabaseServerLoginModule"
Client sends plain password but on server it is hashed in compared
with passwd field value that also is hashed
I need hide password in -ds.xml.
Client App logins to server using Security domain "IBAuthDomain"
user name and password is stored in DB in hashed view.
This configs works fine while
datasource not using <security-domain>IBSimpleDomain</>
but use sysdba masterkey in -ds.xml.
If I
comment in -ds.xml
<user-name>sysdba</user-name>
| <password>masterkey</password>
uncomment
<!-- <security-domain>IBSimpleDomain</security-domain> -->
Error occures because principal = null
Whats wrong ?
Thanks.
FILE: D:\JAVA\jboss-3.2.5\server\all\conf\login-config.xml
|
| #############################################################
|
| <application-policy name = "IBSimpleDomain">
| <authentication>
| <login-module code =
"org.jboss.resource.security.SecureIdentityLoginModule" flag = "required">
| <module-option name = "UserName">sysdba</module-option>
| <module-option name = "Password">667f11fbdfef90b6d7b145018f031a36</module-option>
| <module-option name =
"managedConnectionFactoryName">jboss.jca:servce=LocalTxCM,name=IBAuthDS1</module-option>
| <module-option name = "debug">true</module-option>
| </login-module>
| </authentication>
| </application-policy>
|
|
| <application-policy name = "IBAuthDomain">
| <authentication>
| <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag = "required">
| <module-option name = "hashAlgorithm">MD5</module-option>
| <module-option name = "hashEncoding">base64</module-option>
| <module-option name = "dsJndiName">java:/IBAuthDS1</module-option>
| <module-option name = "principalsQuery">select USER_PASS from USERS u
where u.USER_NAME=?</module-option>
| <module-option name = "rolesQuery">
| SELECT ROLE_NAME, 'Roles'
| FROM USERS U, USERS_GROUPS UG, GROUPS G,
| GROUPS_ROLES GP, ROLES R
| WHERE U.USER_ID = UG.USER_ID AND UG.GROUP_ID = G.GROUP_ID AND
| G.GROUP_ID = GP.GROUP_ID AND GP.ROLE_ID = R.ROLE_ID
| AND U.USER_NAME = ?
| </module-option>
| <module-option name = "debug">true</module-option>
| </login-module>
| </authentication>
| </application-policy>
|
|
|
| #############################################################
|
| FILE: D:\JAVA\jboss-3.2.5\server\all\deploy\ibauth-ds.xml
|
| #############################################################
|
| <?xml version="1.0" encoding="UTF-8"?>
| <!-- ==================================================================== -->
| <!-- New ConnectionManager setup for firebird dbs using jca-jdbc xa driver-->
| <!-- Build jmx-api (build/build.sh all) and view for config documentation -->
| <!-- ==================================================================== -->
| <connection-factories>
| <tx-connection-factory>
| <jndi-name>IBAuthDS1</jndi-name>
| <xa-transaction/>
| <adapter-display-name>Firebird Database Connector</adapter-display-name>
| <config-property name="Database"
type="java.lang.String">localhost/3050:D:/JWORK/db/jfina.fdb</config-property>
| <user-name>sysdba</user-name>
| <password>masterkey</password>
| <!-- <security-domain>IBSimpleDomain</security-domain> -->
| <min-pool-size>5</min-pool-size>
| </tx-connection-factory>
| </connection-factories>
|
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3846366#3846366
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3846366
-------------------------------------------------------
SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media
100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33
Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift.
http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
