Wednesday Nov 24, 2010

Change in the default digest-algorithm of JDBCRealm in Glassfish v3.1

In GlassFish 3.1, a change has been made to make the default-digest algorithm to be used in JDBCRealm configurable in domain.xml, the default configured value being SHA256. Earlier the default-digest-algorithm was MD5. So, for existing applications (which use digest-algorithm MD5) to work seamlessly in the latest builds, the default-digest-algorithm can be changed to MD5 by changing this property in the security-service element of domain.xml:

<property name="default-digest-algorithm" value="SHA-256"></property> 

Another option is to update the specific JDBCRealm to include the digest-algorithm property (MD5). This would override the default-digest-algorithm in the security-service element and set the it to the value specified in the auth-realm element. 


<auth-realm name="test" classname="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm">

<property name="digest-algorithm" value="MD5"></property>

....

</auth-realm> 

If an upgrade is performed from v2 or v3 to v3.1, this change of default algorithm is handled (i.e) for JDBCRealms in Glassfish v2x or v3, that did not specify any digest algorithm , on migration to v3.1, the digest-algorithm is specified as MD5(the old default) in the upgraded version so that the realms in the old versions are compatible in GlassFishv3.1. 

About

nitkal

Search

Categories
Archives
« July 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
  
       
Today
Bookmarks