users@glassfish.java.net

Re: Authentication against JDBCRealm is broken in GF 3.1-b29

From: Theodor Richard <theodor.richard_at_googlemail.com>
Date: Fri, 12 Nov 2010 13:05:05 +0100

Thanks Nithya. Very helpful.
Regards,
Theodor



On Fri, Nov 12, 2010 at 12:21 PM, Nithya Subramanian <
Nithya.Subramanian_at_sun.com> wrote:

> A change has been made to make the default-digest algorithm configurable
> in domain.xml, the default configured value is SHA256. Earlier the
> default-digest-algorithm was MD5.
> So, for existing applications (which use digest-algorithm MD5) to work
> seamlessly in the latest builds, the default-digest-algorithm can be changed
> to MD5 by changing this property in the security-service element of
> domain.xml:
>
> <property name="default-digest-algorithm" value="SHA-256"></property>
>
> Another option is to update the specific JDBCRealm to include the
> digest-algorithm property (MD5). This would override the
> default-digest-algorithm in the security-service element and set the it to
> the value specified in the auth-realm element.
>
> <auth-realm name="test"
> classname="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm">
> <property name="digest-algorithm" value="MD5"></property>
> ....
> </auth-realm>
>
> HTH
> Nithya
>
>
> Theodor Richard wrote:
>
>> Hi,
>>
>> there must be something wrong with authentication in the recent promoted
>> build. With the exact same configuration, it works on b25, but not on b29.
>>
>> Regards,
>> Theodor
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>
>