Announcement Announcement Module
Collapse
No announcement yet.
Authentication not working with password Encoder Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Authentication not working with password Encoder

    <security:authentication-manager alias="authenticationManager" >

    <security:authentication-provider user-service-ref="customUserDetailsService">

    <securityassword-encoder hash="md5"/>

    </security:authentication-provider>


    </security:authentication-manager>

    ----------------

    I am not able to authenticate with md5 password encoding. When I remove encoding I am able to authenticate the credentials.

    I am using Spring version 3.0.5 and Spring Security version 3.0.5. Also using JDK 1.6.


    Thanks in Advance

  • #2
    Given what you've said, the most likely explanation is that the passwords aren't MD5-encoded in your user data store.

    Comment


    • #3
      I do have my password encoded to MD5.
      this string for "password"
      5F4DCC3B5AA765D61D8327DEB882CF99


      When I change the value of password in database to string "password" and
      remove this attribute
      <securityassword-encoder hash="md5"/>

      I am fine.

      This same code was working with version 2.x. this was my attempt to migrate to version 3.x

      Thanks for you prompt reply.

      Comment


      • #4
        Ok, you didn't mention anything about changing the password to plaintext.

        Write a test case which uses the AuthenticationProvider and step through it in a debugger to see why the authentication is failing. It may just be a case sensitivity issue, for example.

        Comment


        • #5
          Here is some more details.
          StackTrace dump for Exception.

          SEVERE: org.springframework.security.authentication.BadCre dentialsException: Bad credentials
          at org.springframework.security.authentication.dao.Da oAuthenticationProvider.additionalAuthenticationCh ecks(DaoAuthenticationProvider.java:71)
          at org.springframework.security.authentication.dao.Ab stractUserDetailsAuthenticationProvider.authentica te(AbstractUserDetailsAuthenticationProvider.java: 146)



          -bino

          Comment


          • #6
            As I said, step through the code in a debugger. And try converting the hash to lower case.

            Comment


            • #7
              You are right
              The encoding was not in lower case. It is working now.

              Thanks for your help.


              -Bino
              Last edited by binoz; Jan 18th, 2011, 01:53 PM. Reason: Change Text

              Comment


              • #8
                Did you look at the values in the debugger?

                And did you try it with a lower case hash value?

                Comment

                Working...
                X