堆栈内存溢出
  简体   繁体   English

无法通过JBoss AS 7安全子系统进行身份验证

[英]Cannot authenticate through JBoss AS 7 security subsystem

 原文  2014-03-16 22:31:17       java/ security/ jboss/ subsystem/ container-managed

问题描述

I do not understand how to use passwords' hashes instead of open passwords. 我不了解如何使用密码的哈希代替开放密码。 When I obtain open password from my MS SQL database everything works fine. 当我从MS SQL数据库获取开放密码时,一切正常。 standalone.xml: 

<security-domain name="SD" cache-type="default">
 <authentication>
  <login-module code="Database" flag="required">
   <module-option name="dsJndiName" value="<jndi>"/>
   <module-option name="principalsQuery" value="select <open_pass> from <table> where <username> = ?"/>
   <module-option name="rolesQuery" value="select <role>, 'Roles' from <table> where <username> = ?"/>       
  </login-module>
 </authentication>
</security-domain>

web.xml : web.xml 

<security-constraint>
    <display-name>General</display-name>
    <web-resource-collection>
        <web-resource-name>/</web-resource-name>
        <description/>
        <url-pattern>/</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <description/>
        <role-name>administrators</role-name>
    </auth-constraint>
</security-constraint>
<login-config>
    <auth-method>BASIC</auth-method>
</login-config>
<security-role>
    <description/>
    <role-name>administrators</role-name>
</security-role>

But when I try use something like the following: 但是,当我尝试使用以下内容时: 

<security-domain name="SD" cache-type="default">
 <authentication>
  <login-module code="Database" flag="required">
   <module-option name="dsJndiName" value="<jndi>"/>
   <module-option name="principalsQuery" value="select <pass_hash> from <table> where <username> = ?"/>
   <module-option name="rolesQuery" value="select <role>, 'Roles' from <table> where <username> = ?"/>
   <module-option name="hashAlgorithm" value="SHA-1"/>
   <module-option name="hashEncoding" value="base64"/>       
  </login-module>
 </authentication>
</security-domain>

I obtain Login failure: javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required even if I enter correct password. 我获得Login failure: javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required即使输入正确的密码也需要。 pass_hash field have varbinary(64) type in database. pass_hash字段在数据库中具有varbinary(64)类型。 What I missed? 我错过了什么?

1 个解决方案

解决方案1
 1  2014-03-16 22:45:43

Please check the DatabaseServerLoginModule 请检查DatabaseServerLoginModule

Also are you storing the base64 encoded password in the users table. 您还将在用户表中存储base64编码的密码。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 JCE无法在Jboss中部署的Webapp中对提供者BC进行身份验证。 为什么? - JCE cannot authenticate the provider BC in Webapp deployed in Jboss. Why? bouncycastle + JBoss AS7:JCE无法验证提供商BC - bouncycastle + JBoss AS7: JCE cannot authenticate the provider BC java.security.NoSuchProviderException:JCE无法验证servelet中的提供者BC - java.security.NoSuchProviderException: JCE cannot authenticate the provider BC in servelets 无法验证:HttpSession为SPRING_SECURITY_CONTEXT返回空对象 - Cannot authenticate: HttpSession returned null object for SPRING_SECURITY_CONTEXT JBoss5 CLIENT-CERT身份验证获得HTTP状态401-无法使用提供的凭据错误进行身份验证 - JBoss5 CLIENT-CERT authentication getting HTTP Status 401 - Cannot authenticate with the provided credentials error Spring Security无法验证用户 - Spring security not authenticate the user SpringBoot和Spring Security无法验证 - SpringBoot and Spring Security not authenticate 春季安全性不进行身份验证 - spring security does not authenticate Java JBoss安全问题 - Java JBoss Security Problem 了解Web子系统和TLS配置Jboss EAP 6.4 - Understanding web subsystem and TLS configurations Jboss EAP 6.4
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM