On Wed, May 8, 2013 at 3:06 AM, Tania Marinova <taniamm2...@yahoo.com> wrote: > > I store the hashed password but also the salt in a separate column (because > I should hash then the plain text password with the same same hash) >
IMHO you are not doing this correctly, you want to store the result of the salt + hash, ie digest, in only one db column as a Base64 String. Plus you are getting an NPE because either your password is null, or the constructor of PBEKeySpec is throwing the NPE because your salt is null. I can't tell from the stacktrace but the error is on line 68 of your PWCB class. As I mentioned in another email, I suggest using a higher level API like Jasypt to create the digest, then only store that result in just one column in the db. - R --------------------------------------------------------------------- To unsubscribe, e-mail: java-user-unsubscr...@axis.apache.org For additional commands, e-mail: java-user-h...@axis.apache.org
