I have MD5 encrypted passwords in my database. I would like the login module to
encrypt the plain text password before comparing to the database password. I
have the following application policy set up in the login-config.xml file:
<application-policy name = "HsqlDbRealm">
<login-module code =
"org.jboss.resource.security.ConfiguredIdentityLoginModule" flag = "required">
<module-option name = "principal">sa</module-option>
<module-option name = "userName">sa</module-option>
<module-option name = "password"></module-option>
<module-option name="hashAlgorithm">MD5</module-option>
<module-option name ="hashEncoding">base64</module-option>
<module-option name =
"managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=DefaultDS</module-option>
</login-module>
</application-policy>
But its not working. My login page is treating the password as plain text and
not encoding it before comparison. What am I missing here?
(I am using JBoss 4.0.4 with Hibernate and Postgress 8.1.4.)
Thanks for the help!
Elise Wade
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3991771#3991771
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3991771
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user
