Hi,

We have seen that the “$JBOSS_HOME/bin/add-user.sh” script can create Management and Application users. When we create users with “add-user.sh”, the credentials of a Management user are stored in “$JBOSS_HOME/standalone/configuration/mgmt-users.properties” and those of an Application user in “$JBOSS_HOME/standalone/configuration/application-users.properties”.

Just for awareness, in this article we are going to see how JBossAS7 actually encodes our passwords when we create a user with “$JBOSS_HOME/bin/add-user.sh”, and which “hashAlgorithm” (MD5) and “hashEncoding” (hex) it uses. We will also see how easily we can create the encoded passwords programmatically.

We will look at it in more detail, starting with creating the hashed password. Here we will write a simple program that generates the hashed form of a Management or Application user’s password.

Program to Encrypt Management/Application User’s Password

Step1). Write the following program “EncryptPassword.java” inside your file system somewhere.


import org.jboss.crypto.CryptoUtil;

public class EncryptPassword
  {
    public static void main(String ar[]) throws Exception
     {
       /*
       You will need the following JARs in your classpath in order to compile & run this program
       export CLASSPATH=$JBOSS_HOME/modules/org/picketbox/main/picketbox-4.0.7.Final.jar:$JBOSS_HOME/bin/client/jboss-client.jar:$CLASSPATH:.:
       */

       /*
           JBossAS7 stores passwords in the following format:
              HEX( MD5( username ':' realm ':' password))
       */

       // Expect exactly three arguments: user name, realm name and password
       if (ar.length != 3)
        {
          System.err.println("Usage: java EncryptPassword <userName> <realmName> <password>");
          System.exit(1);
        }

       String userName=ar[0];
       String realmName=ar[1];
       String password=ar[2];

       // The string that gets hashed is username:realm:password
       String clearTextPassword=userName+":"+realmName+":"+password;

       // "MD5" is the hashAlgorithm and "hex" the hashEncoding; charset and username are not needed here
       String hashedPassword=CryptoUtil.createPasswordHash("MD5", "hex", null, null, clearTextPassword);
       System.out.println("\n\n\tclearTextPassword: "+clearTextPassword);
       System.out.println("\n\thashedPassword: "+hashedPassword);
       System.out.println("\n\tIf you will create user using \"$JBOSS_HOME/bin/add-user.sh\" script then you will see the same Hash Value of Password.\n\n");
     }
  }

Step2). Now open a terminal/command prompt and set the PATH to include the JDK “bin” directory. We will also set the CLASSPATH to include the “picketbox-4.0.7.Final.jar” and “jboss-client.jar” JARs, which are required in order to compile and run the program. As soon as we run the following program we will see the hashed password which we need to insert in the database “PRINCIPLES” table.


export JBOSS_HOME=/home/userone/jboss-as-7.1.1.Final

export CLASSPATH=$JBOSS_HOME/modules/org/picketbox/main/picketbox-4.0.7.Final.jar:$JBOSS_HOME/bin/client/jboss-client.jar:$CLASSPATH:.:

javac EncryptPassword.java 

java EncryptPassword testUserOne ApplicationRealm testPasswordOne

_________

OUTPUT
_________

	clearTextPassword: testUserOne:ApplicationRealm:testPasswordOne

	hashedPassword: cf8f98f5b90ccc568e1ffc7767ac9d8b

	If you will create user using "$JBOSS_HOME/bin/add-user.sh" script then you will see the same Hash Value of Password.

Now try creating a user with “$JBOSS_HOME/bin/add-user.sh” where userName=testUserOne, realmName=ApplicationRealm and password=testPasswordOne. You will see that the “jboss-as-7.1.1.Final/standalone/configuration/application-users.properties” file has the same encoded credential as the one we generated using the above program.

[userone@localhost bin]$ ./add-user.sh 

What type of user do you wish to add? 
 a) Management User (mgmt-users.properties) 
 b) Application User (application-users.properties)
(a): b

Enter the details of the new user to add.
Realm (ApplicationRealm) : ApplicationRealm
Username : testUserOne
Password : testPasswordOne
Re-enter Password : testPasswordOne
What roles do you want this user to belong to? (Please enter a comma separated list, or leave blank for none) : testRole
About to add user 'testUserOne' for realm 'ApplicationRealm'
Is this correct yes/no? yes
Added user 'testUserOne' to file '/home/userone/jboss-as-7.1.1.Final/standalone/configuration/application-users.properties'
Added user 'testUserOne' to file '/home/userone/jboss-as-7.1.1.Final/domain/configuration/application-users.properties'
Added user 'testUserOne' with roles testRole to file '/home/userone/jboss-as-7.1.1.Final/standalone/configuration/application-roles.properties'
Added user 'testUserOne' with roles testRole to file '/home/userone/jboss-as-7.1.1.Final/domain/configuration/application-roles.properties'
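
The same HEX( MD5( username ':' realm ':' password)) value can be computed with the JDK alone and checked against an entry of “application-users.properties”. This is an added example, not code from the original article or from JBoss: the class name VerifyUserHash, the "username=hash" line layout and the UTF-8 charset are assumptions, and the sample line is constructed from the OUTPUT shown above.

```java
import java.io.StringReader;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Locale;
import java.util.Properties;

// Hypothetical class name; not part of JBoss or of the original article.
public class VerifyUserHash {

    // HEX( MD5( username ':' realm ':' password ) ), the format described above.
    // UTF-8 is an assumption; for ASCII input it yields the same bytes as the usual defaults.
    static String hash(String user, String realm, String password) throws Exception {
        byte[] input = (user + ":" + realm + ":" + password).getBytes(StandardCharsets.UTF_8);
        byte[] digest = MessageDigest.getInstance("MD5").digest(input);
        StringBuilder hex = new StringBuilder(digest.length * 2);
        for (byte b : digest) {
            // Two digits per byte keeps leading zeros, which BigInteger.toString(16) drops.
            hex.append(String.format("%02x", b & 0xff));
        }
        return hex.toString();
    }

    // Checks a candidate password against the stored entry for that user.
    static boolean matches(Properties users, String user, String realm, String password)
            throws Exception {
        String stored = users.getProperty(user);
        if (stored == null) {
            return false; // unknown user
        }
        byte[] expected = stored.trim().toLowerCase(Locale.ROOT).getBytes(StandardCharsets.US_ASCII);
        byte[] actual = hash(user, realm, password).getBytes(StandardCharsets.US_ASCII);
        // MessageDigest.isEqual compares without stopping at the first differing byte.
        return MessageDigest.isEqual(expected, actual);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: assumed "username=hash" layout, hash value from the OUTPUT above.
        Properties users = new Properties();
        users.load(new StringReader("testUserOne=cf8f98f5b90ccc568e1ffc7767ac9d8b\n"));

        System.out.println(hash("testUserOne", "ApplicationRealm", "testPasswordOne"));
        System.out.println(matches(users, "testUserOne", "ApplicationRealm", "testPasswordOne"));
        // The realm is part of the hashed string, so the same password under another realm fails.
        System.out.println(matches(users, "testUserOne", "ManagementRealm", "testPasswordOne"));
    }
}
```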

Thanks 🙂
MiddlewareMagic Team
