[英]Cannot authenticate through JBoss AS 7 security subsystem
I do not understand how to use passwords' hashes instead of open passwords. 我不了解如何使用密码的哈希代替开放密码。 When I obtain open password from my MS SQL database everything works fine. 当我从MS SQL数据库获取开放密码时,一切正常。 standalone.xml:
<security-domain name="SD" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName" value="<jndi>"/>
<module-option name="principalsQuery" value="select <open_pass> from <table> where <username> = ?"/>
<module-option name="rolesQuery" value="select <role>, 'Roles' from <table> where <username> = ?"/>
</login-module>
</authentication>
</security-domain>
web.xml
: web.xml
:
<security-constraint>
<display-name>General</display-name>
<web-resource-collection>
<web-resource-name>/</web-resource-name>
<description/>
<url-pattern>/</url-pattern>
</web-resource-collection>
<auth-constraint>
<description/>
<role-name>administrators</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
<security-role>
<description/>
<role-name>administrators</role-name>
</security-role>
But when I try use something like the following: 但是,当我尝试使用以下内容时:
<security-domain name="SD" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName" value="<jndi>"/>
<module-option name="principalsQuery" value="select <pass_hash> from <table> where <username> = ?"/>
<module-option name="rolesQuery" value="select <role>, 'Roles' from <table> where <username> = ?"/>
<module-option name="hashAlgorithm" value="SHA-1"/>
<module-option name="hashEncoding" value="base64"/>
</login-module>
</authentication>
</security-domain>
I obtain Login failure: javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
even if I enter correct password. 我获得Login failure: javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
即使输入正确的密码也需要。 pass_hash
field have varbinary(64)
type in database. pass_hash
字段在数据库中具有varbinary(64)
类型。 What I missed? 我错过了什么?
Please check the DatabaseServerLoginModule 请检查DatabaseServerLoginModule
Also are you storing the base64 encoded password in the users table. 您还将在用户表中存储base64编码的密码。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.