OK, I am sure where the password is encrypted. But the invocation chain is : a. OpenEJB client passes the authentication info to the server ( It should be in plain text, as I did not find codes for encryption, maybe I miss it somewhere) b. org.apache.geronimo.openejb.GeronimoSecurityService is the SPI class for the ejb authentication. c. Your realm/loginModule. Adding some debug points on these places should help to find the reason. Hope it helps.
2011/1/4 sanjay kumar <[email protected]> > hi, > yeah , these values are actual values used. And the security realm I use > is written by me. > > On Tue, Jan 4, 2011 at 7:14 AM, Ivan <[email protected]> wrote: > >> Are these properties the actual values used in your real environment ? And >> which login moduel do you use, from Geronimo or written by yourself ? >> >> 2011/1/3 sanjay kumar <[email protected]> >> >> Hi, >>> I am calling a realm by its name and passing the user name and >>> password as principal and credentials. In the initializer method of login >>> module of realm I am getting the username and password. But password is in >>> encrypted form. I need the password to be in decrypted form. My code is >>> given below about how I am passing the username and password and how I am >>> getting them: >>> >>> Test client code:(only some portion, not full) >>> >>> Properties props = new Properties(); >>> >>> props.put("java.naming.factory.initial","org.apache.openejb.client.RemoteInitialContextFactory"); >>> >>> props.put("java.naming.provider.url", "127.0.0.1:4201"); >>> props.put("java.naming.security.principal", "sanjay"); >>> props.put("java.naming.security.credentials", "test"); >>> ..................... >>> ..................... >>> ..................... >>> >>> >>> the login module code in which I get the username and password: >>> >>> >>> Callback[] callbacks = new Callback[2]; >>> callbacks[0] = new NameCallback("username: "); >>> callbacks[1] = new PasswordCallback("password: ", false); >>> try{ >>> handler.handle(callbacks); >>> >>> username = ((NameCallback)callbacks[0]).getName(); >>> // This line prints the username as specified above code as principal. >>> i.e sanjay >>> System.out.println("@@@@@@@@@@@@@@@@@@@@"+username); >>> if(username == null) >>> { >>> throw new LoginException("No user specified"); >>> } >>> >>> char[] tmpPassword >>> =((PasswordCallback)callbacks[1]).getPassword(); >>> //This line prints the password but in encrypted form. its something like >>> this :[...@57a3ec8d. I need this to be as it is in credentials in test >>> code i.e it should print "test". >>> System.out.println("@@@@@@@@@@@@@@@@@@@@"+tmpPassword); >>> if (tmpPassword == null) >>> { >>> // treat null password as an empty password >>> tmpPassword = new char[0]; >>> } >>> System.out.println("@@@@@@@@@@@"+tmpPassword); >>> >>> } >>> >>> >>> >>> >>> >>> I am using Geronimo 2.2. Any suggestions? >>> >>> >>> >>> >>> >>> >>> -- >>> Regards: >>> Sanjay Kumar >>> [email protected] >>> Java Developer >>> >>> >>> >> >> >> -- >> Ivan >> > > > > -- > Regards: > Sanjay Kumar > [email protected] > Java Developer > > > -- Ivan
