I need to encrypt the user passwords in the Db and I'm using Dynamic Login
Config. here is my file called as META-INF/dynamic-login-config.xml(in the EAR)
<policy>
|
| <application-policy name = "reservator-security-domain">
| <authentication>
| <login-module
code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required">
| <module-option name="dsJndiName">
| java:/ReservatorDS
| </module-option>
| <module-option name="hashAlgorithm">MD5</module-option>
| <module-option name="hashEncoding">base64</module-option>
| <module-option name="principalsQuery">
| select passwd from Users userName where
userName=?
| </module-option>
| <module-option name="rolesQuery">
| select userRoles, 'Roles' from UserRoles where
userName=?
| </module-option>
| </login-module>
| </authentication>
| </application-policy>
|
| </policy>
And I have genrated my encypted passwords using openssl as:
echo somepassword | openssl dgst -md5 -binary | openssl base64
which is:PnF0L/NODGgfmihE7O4AAA==
and put this in the Db but when I login as the user and type in the password it
gives me the following error:
LoginModule Class: org.jboss.security.auth.spi.DatabaseServerLoginModule
| ControlFlag: LoginModuleControlFlag: required
| Options:
| name=hashAlgorithm, value=MD5
| name=principalsQuery, value=select passwd from Users userName where
userName=?
| name=hashEncoding, value=base64
| name=dsJndiName, value=java:/ReservatorDS
| name=rolesQuery, value=select userRoles, 'Roles' from UserRoles where
userName=?
|
| 2009-05-25 10:27:09,906 TRACE
[org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-0.0.0.0-8443-1)
initialize
| 2009-05-25 10:27:09,906 TRACE
[org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-0.0.0.0-8443-1)
Security domain: reservator-security-domain
| 2009-05-25 10:27:09,906 TRACE
[org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-0.0.0.0-8443-1)
Password hashing activated: algorithm = MD5, encoding = base64, charset =
{default}, callback = null, storeCallback = null
| 2009-05-25 10:27:09,906 TRACE
[org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-0.0.0.0-8443-1)
DatabaseServerLoginModule, dsJndiName=java:/ReservatorDS
| 2009-05-25 10:27:09,906 TRACE
[org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-0.0.0.0-8443-1)
principalsQuery=select passwd from Users userName where userName=?
| 2009-05-25 10:27:09,906 TRACE
[org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-0.0.0.0-8443-1)
rolesQuery=select userRoles, 'Roles' from UserRoles where userName=?
| 2009-05-25 10:27:09,906 TRACE
[org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-0.0.0.0-8443-1)
suspendResume=true
| 2009-05-25 10:27:09,906 TRACE
[org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-0.0.0.0-8443-1)
login
| 2009-05-25 10:27:09,906 TRACE
[org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-0.0.0.0-8443-1)
suspendAnyTransaction
| 2009-05-25 10:27:09,906 TRACE
[org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-0.0.0.0-8443-1)
Excuting query: select passwd from Users userName where userName=?, with
username: vsp
| 2009-05-25 10:27:09,906 TRACE
[org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-0.0.0.0-8443-1)
Obtained user password
| 2009-05-25 10:27:09,906 TRACE
[org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-0.0.0.0-8443-1)
resumeAnyTransaction
| 2009-05-25 10:27:09,906 DEBUG
[org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-0.0.0.0-8443-1)
Bad password for username=vsp
| 2009-05-25 10:27:09,906 TRACE
[org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-0.0.0.0-8443-1)
abort
| 2009-05-25 10:27:09,906 TRACE
[org.jboss.security.plugins.auth.JaasSecurityManagerBase.reservator-security-domain]
(http-0.0.0.0-8443-1) Login failure
| javax.security.auth.login.FailedLoginException: Password Incorrect/Password
Required
| at
org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:213)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:597)
| at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
| at
javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
| at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
| at java.security.AccessController.doPrivileged(Native Method)
| at
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
| at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
| at
org.jboss.security.plugins.auth.JaasSecurityManagerBase.defaultLogin(JaasSecurityManagerBase.java:552)
| at
org.jboss.security.plugins.auth.JaasSecurityManagerBase.authenticate(JaasSecurityManagerBase.java:486)
| at
org.jboss.security.plugins.auth.JaasSecurityManagerBase.isValid(JaasSecurityManagerBase.java:365)
| at
org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:160)
| at
org.jboss.web.tomcat.security.JBossWebRealm.authenticate(JBossWebRealm.java:384)
| at
org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:258)
| at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:417)
| at
org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
| at
org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
| at
org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
| at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
| at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
| at
org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
| at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
| at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
| at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829)
| at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:601)
| at
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
| at java.lang.Thread.run(Thread.java:619)
| 2009-05-25 10:27:09,906 TRACE
[org.jboss.security.plugins.auth.JaasSecurityManagerBase.reservator-security-domain]
(http-0.0.0.0-8443-1) End isValid, false
| 2009-05-25 10:27:09,906 TRACE [org.jboss.web.tomcat.security.JBossWebRealm]
(http-0.0.0.0-8443-1) User: vsp is NOT authenticated
| 2009-05-25 10:27:09,906 TRACE [org.jboss.web.tomcat.security.JBossWebRealm]
(http-0.0.0.0-8443-1) End authenticate, principal=null
| 2009-05-25 10:27:09,921 TRACE [org.jboss.web.tomcat.security.RunAsListener]
(http-0.0.0.0-8443-1) default, runAs: null
| 2009-05-25 10:27:09,921 TRACE [org.jboss.web.tomcat.security.RunAsListener]
(http-0.0.0.0-8443-1) default, runAs: null
| 2009-05-25 10:27:09,937 TRACE [org.jboss.web.tomcat.security.RunAsListener]
(http-0.0.0.0-8443-1) default, runAs: null
| 2009-05-25 10:27:09,937 TRACE [org.jboss.web.tomcat.security.RunAsListener]
(http-0.0.0.0-8443-1) default, runAs: null
| 2009-05-25 10:27:09,937 DEBUG
[org.apache.catalina.core.ContainerBase.[jboss.web].[localhost].[/reservator].[default]]
(http-0.0.0.0-8443-1) Disabling the response for futher output
| 2009-05-25 10:27:09,937 DEBUG
[org.apache.catalina.authenticator.AuthenticatorBase] (http-0.0.0.0-8443-1)
Failed authenticate() test ??/reservator/html/j_security_check
| 2009-05-25 10:27:09,937 TRACE [org.jboss.security.SecurityRolesAssociation]
(http-0.0.0.0-8443-1) Setting threadlocal:null
| 2009-05-25 10:27:09,937 TRACE [org.jboss.security.SecurityRolesAssociation]
(http-0.0.0.0-8443-1) Setting threadlocal:null
| 2009-05-25 10:27:14,812 DEBUG [org.apache.catalina.session.ManagerBase]
(ContainerBackgroundProcessor[StandardEngine[jboss.web]]) Start expire sessions
StandardManager at 1243272434812 sessioncount 0
| 2009-05-25 10:27:14,812 DEBUG [org.apache.catalina.session.ManagerBase]
(ContainerBackgroundProcessor[StandardEngine[jboss.web]]) End expire sessions
StandardManager processingTime 0 expired sessions: 0
| 2009-05-25 10:27:14,812 DEBUG [org.apache.catalina.session.ManagerBase]
(ContainerBackgroundProcessor[StandardEngine[jboss.web]]) Start expire sessions
StandardManager at 1243272434812 sessioncount 0
| 2009-05-25 10:27:14,812 DEBUG [org.apache.catalina.session.ManagerBase]
(ContainerBackgroundProcessor[StandardEngine[jboss.web]]) End expire sessions
StandardManager processingTime 0 expired sessions: 0
| 2009-05-25 10:27:14,812 DEBUG [org.apache.catalina.session.ManagerBase]
(ContainerBackgroundProcessor[StandardEngine[jboss.web]]) Start expire sessions
StandardManager at 1243272434812 sessioncount 0
| 2009-05-25 10:27:14,812 DEBUG [org.apache.catalina.session.ManagerBase]
(ContainerBackgroundProcessor[StandardEngine[jboss.web]]) End expire sessions
StandardManager processingTime 0 expired sessions: 0
| 2009-05-25 10:27:14,812 DEBUG [org.apache.catalina.session.ManagerBase]
(ContainerBackgroundProcessor[StandardEngine[jboss.web]]) Start expire sessions
StandardManager at 1243272434812 sessioncount 0
| 2009-05-25 10:27:14,812 DEBUG [org.apache.catalina.session.ManagerBase]
(ContainerBackgroundProcessor[StandardEngine[jboss.web]]) End expire sessions
StandardManager processingTime 0 expired sessions: 0
| 2009-05-25 10:27:14,812 DEBUG [org.apache.catalina.session.ManagerBase]
(ContainerBackgroundProcessor[StandardEngine[jboss.web]]) Start expire sessions
StandardManager at 1243272434812 sessioncount 0
| 2009-05-25 10:27:14,812 DEBUG [org.apache.catalina.session.ManagerBase]
(ContainerBackgroundProcessor[StandardEngine[jboss.web]]) End expire sessions
StandardManager processingTime 0 expired sessions: 0
|
| Please help!!
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4233099#4233099
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4233099
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user
