Senha invalida no login usando JAAS e Digest no Jboss 7

HarryPodre · Março 19, 2013, 12:16pm

Bom dia!

Estou tentando utilizar JAAS com Digest e sempre recebo a exception abaixo:

08:57:32,426 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http--0.0.0.0-8080-1) Login failure: javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
	at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:270) [picketbox-4.0.7.Final.jar:4.0.7.Final]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.6.0_17]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [rt.jar:1.6.0_17]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [rt.jar:1.6.0_17]
	at java.lang.reflect.Method.invoke(Method.java:597) [rt.jar:1.6.0_17]
	at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769) [rt.jar:1.6.0_17]
	at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [rt.jar:1.6.0_17]
	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [rt.jar:1.6.0_17]
	at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [rt.jar:1.6.0_17]
	at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [rt.jar:1.6.0_17]
	at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:449) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
	at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:383) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
	at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:371) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
	at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:160) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
	at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:367) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
	at org.apache.catalina.authenticator.DigestAuthenticator$DigestInfo.authenticate(DigestAuthenticator.java:697) [jbossweb-7.0.13.Final.jar:]
	at org.apache.catalina.authenticator.DigestAuthenticator.authenticate(DigestAuthenticator.java:270) [jbossweb-7.0.13.Final.jar:]
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:455) [jbossweb-7.0.13.Final.jar:]
	at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50) [jboss-as-jpa-7.1.1.Final.jar:7.1.1.Final]
	at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:]
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:]
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:]
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:]
	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:]
	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:]
	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:]
	at java.lang.Thread.run(Thread.java:619) [rt.jar:1.6.0_17]

web.xml:

<login-config>
	<auth-method>DIGEST</auth-method>
        <realm-name>realm</realm-name>
</login-config>

standalone.xml:

<security-domain name="realm">
        <authentication>
               <login-module code="Database" flag="required">
                        <module-option name="dsJndiName" value="java:/datasource"/>
                        <module-option name="principalsQuery" value="select password from users where username = ?"/>
                        <module-option name="hashAlgorithm" value="SHA-256"/>
                        <module-option name="hashUserPassword" value="false"/>
                        <module-option name="hashStorePassword" value="true"/>
               </login-module>
        </authentication>
</security-domain>

O código que usei para gerar a senha:

public String criptografaSenha(String senha) throws NoSuchAlgorithmException
	{
		MessageDigest md = MessageDigest.getInstance("SHA-256");
		BigInteger hash = new BigInteger(1, md.digest(senha.getBytes()));
		String s = hash.toString(16);
		if (s.length() % 2 != 0)
			s = "0" + s;
		return s;
	}

O registro no banco foi inserido com a senha gerada pelo método acima.

Alguém usa jaas com digest? Sabe o que falta no código acima?

Obrigado!
Gustavo Belloni Metzner

system · Dezembro 30, 2015, 2:00pm

Senha invalida no login usando JAAS e Digest no Jboss 7

Cursos de Mobile

Cursos de Programação

Cursos de Front-end

Cursos de DevOps

Cursos de Design & UX

Cursos de Business

Cursos de Data & BI