Jan 18th, 2011, 11:44 AM
Authentication not working with password Encoder
<security:authentication-manager alias="authenticationManager" >
I am not able to authenticate with md5 password encoding. When I remove encoding I am able to authenticate the credentials.
I am using Spring version 3.0.5 and Spring Security version 3.0.5. Also using JDK 1.6.
Thanks in Advance
Jan 18th, 2011, 11:52 AM
Given what you've said, the most likely explanation is that the passwords aren't MD5-encoded in your user data store.
Jan 18th, 2011, 12:00 PM
I do have my password encoded to MD5.
this string for "password"
When I change the value of password in database to string "password" and
remove this attribute
I am fine.
This same code was working with version 2.x. this was my attempt to migrate to version 3.x
Thanks for you prompt reply.
Jan 18th, 2011, 12:07 PM
Ok, you didn't mention anything about changing the password to plaintext.
Write a test case which uses the AuthenticationProvider and step through it in a debugger to see why the authentication is failing. It may just be a case sensitivity issue, for example.
Jan 18th, 2011, 12:14 PM
Here is some more details.
StackTrace dump for Exception.
SEVERE: org.springframework.security.authentication.BadCre dentialsException: Bad credentials
at org.springframework.security.authentication.dao.Da oAuthenticationProvider.additionalAuthenticationCh ecks(DaoAuthenticationProvider.java:71)
at org.springframework.security.authentication.dao.Ab stractUserDetailsAuthenticationProvider.authentica te(AbstractUserDetailsAuthenticationProvider.java: 146)
Jan 18th, 2011, 12:21 PM
As I said, step through the code in a debugger. And try converting the hash to lower case.
Jan 18th, 2011, 12:23 PM
You are right
The encoding was not in lower case. It is working now.
Thanks for your help.
Last edited by binoz; Jan 18th, 2011 at 12:53 PM.
Reason: Change Text
Jan 18th, 2011, 12:28 PM
Did you look at the values in the debugger?
And did you try it with a lower case hash value?
Tags for this Thread