我不明白如何使用密码的哈希值而不是打开密码。当我从我的MS SQL数据库中获得开放密码时,一切都很好。 standalone.xml:
<security-domain name="SD" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName" value="<jndi>"/>
<module-option name="principalsQuery" value="select <open_pass> from <table> where <username> = ?"/>
<module-option name="rolesQuery" value="select <role>, 'Roles' from <table> where <username> = ?"/>
</login-module>
</authentication>
</security-domain>
web.xml :
<security-constraint>
<display-name>General</display-name>
<web-resource-collection>
<web-resource-name>/</web-resource-name>
<description/>
<url-pattern>/</url-pattern>
</web-resource-collection>
<auth-constraint>
<description/>
<role-name>administrators</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
<security-role>
<description/>
<role-name>administrators</role-name>
</security-role>
但是当我尝试使用以下内容时:
<security-domain name="SD" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName" value="<jndi>"/>
<module-option name="principalsQuery" value="select <pass_hash> from <table> where <username> = ?"/>
<module-option name="rolesQuery" value="select <role>, 'Roles' from <table> where <username> = ?"/>
<module-option name="hashAlgorithm" value="SHA-1"/>
<module-option name="hashEncoding" value="base64"/>
</login-module>
</authentication>
</security-domain>
即使输入正确的密码也能得到Login failure: javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required。pass_hash字段在数据库中具有varbinary(64)类型。我错过了什么?
请检查DatabaseServerLoginModule
还将base64编码的密码存储在users表中