If you are use Fedora DS and it only save the password in a MD5, try to
configurate it to store it in Plain format...
Today, i´m doing the integration with openDS and I found a bug with hashed
passwords in a crossdomain test...
If you are trying only to sign up in one domain your configuration in the test
application will be something like this:
<login-module code="org.jboss.security.idm.UsernameAndPasswordLoginModule"
flag="sufficient">
|
| <module-option
name="unauthenticatedIdentity">guest</module-option>
|
| <module-option
name="password-stacking">useFirstPass</module-option>
|
| <!--module-option name="hashAlgorithm">MD5</module-option-->
|
| <module-option name="hashUserPassword">true</module-option>
| <module-option name="hashStorePassword">false</module-option>
|
| <module-option
name="authenticatedRoles">Authenticated,RegisteredUsers</module-option>
|
| </login-module>
Note the value of hashUserPassword(true) , that cause if you in the form enter
the password in plain text the LoginModule hash this password with the
specified algorithm and then compare it with the Fedora DS stored password.
Let me know if this configuration work for you!
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4143556#4143556
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4143556
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user
