Mark Henryson

Ranch Hand
+ Follow
since Jul 11, 2005
Merit badge: grant badges
For More
Cows and Likes
Cows
Total received
In last 30 days
0
Forums and Threads

Recent posts by Mark Henryson

I will try this and let you know.
I am using Windows Vista Home Basic with Norton Internet Security 2009.
My Windows firewall has been turned off by norton, as it provides its own firewall.
I have installed mysql and I am trying to configure my mysql 5.1.
While configuring at the last step "Applying Security setting" mysql throws an error saying that to "open the port 3306 TCP and retry".
As my windows firewall has been turned off my norton, I have gone to the norton internet setting and in program control I have seen for mysql the firewall option is already "Auto" with "Allow" option for port 53.
I have added the port 3306 (local port) with TCP. Then I have tried to configure, but still getting the same error message.
I have also added the port to exclude from firewall in windows firewall also. But the result is the same.
Please suggest what needs to be done for it.
Configuring the MySQL in Windows Vista with Norton Internet Security 2009.
Yes, I have already included the "SecurityCheck" as below.
I have restarted the JBoss Server in debug mode in MyEclispe and plasced the breakpoint insdie the SecurityCheck, but it's not going here.
I have put sysout in SecurityCheck and that's also not printing.



>
15 years ago

As suggessted by you, I have decided to subclass the DatabaseServerLoginModule.
But I am facing some issues. In the below implementation of DatabaseServerLoginModule, they are getting the password from the DB.
So the password will be MD5 encrypted value "5f4dcc3b5aa765d61d8327deb882cf99"
After getting the password, I am sending it to convertRawPassword(password) mehtod. The issue I am facing is I couldn't able to decrypt the encrypted value.
For example the clear password is "password" and encrypted one stored in DB is "5f4dcc3b5aa765d61d8327deb882cf99".
I have googled on decrypting the MD5 encrypted password, but everyone is telling it's one way encrytpion and can't decrypt the MD5.
In that case overriding the convertRawPassword(password) mehtod won't be useful.
So I have decided to do it in other way, instead of getting the decrypted value from DB and encrypt it(which is not possible with MD5) to match the clear password,
I decided to encrypt the user entered clear test password, so that it will matches the DB value.

So I have overridden the validatePassword(String inputPassword,String expectedPassword) method from UsernamePasswordLoginModule class.
But It's not invoking this method itself.
Anything I am missing?

>
15 years ago
Thanks for the reply.
Is there any demo/links/resource available on how to use together the Display Tag and AjaxTag with Struts?
15 years ago
I am developing a web application in Struts 1.3.10 and decided to use Ajax, since I will be having more input fields & drop downs in the form.
I want to know how to use AjaxTags with Struts. I have googled and didn't get any useful resources, as each one implementing the AjaxTags in their own way.
Is there any standardized way to use AjaxTags with Struts. I have also decided to use display tags. I have got a nice demo in the display tag site.
But I want to use Display Tag with Ajax Tag in Struts.
If anyone has any good resources/links/sample demo/example will be helpful in developing my application.
15 years ago
Peter,

Yes, you are correct. If I am login with '5f4dcc3b5aa765d61d8327deb882cf99', then I can able to successfully login.
So you mean to say that we need to write our own class which will extends the DatabaseServerLoginModule and override the convertRawPassword(String rawPassword) method.

I have few dobuts in it.
In the login-config.xml I have included the following configuration related to hashing the password which will be taken care by JBoss server.

I have noticed that the DatabaseServerLoginModule extends UsernamePasswordLoginModule.
The main purpose of configuration related to hasing password in login-config is, so that the UsernamePasswordLoginModule will use it hash the password (I am not sure. If not what is the purpose of above configuration related to hashing).
In that case, why I need to again encrypt/decrypt the password.

And If you look at the code in UsernamePasswordLoginModule, they are handling some hashing realted thing. But I am not sure what they are doing?

What I thought is if we done the configuration as like above, the JBoss will get the clear text password which user enters and if the hash related configration is enabled, it will encrypt the clear text password and then it will compare it against with DB encrypted password and authenticate.




I am using the below program to encrypt the password and I have read in one article that we can't able to decrypt the encrypted value using MD5 Message Digest.


for example:
I have encrypted the password "password" as "5f4dcc3b5aa765d61d8327deb882cf99" using MD5.
Is it possible to convert the "5f4dcc3b5aa765d61d8327deb882cf99" to "password"?

To trace the log I have modified the jboss-log4j.xml but I couldn't able to see any log details in either CONSOLE/FILE. Below is my jboss-lo4j.xml.



Please advice.>
15 years ago
I am using JBoss 4.2.2GA application server with Struts and EJB.
I am trying to encrypt the password using the message digest - MD5(given below) and store it in the mysql DB.
Using DatabaseServerLoginModule, I am trying to authenticate, but it's failing. Please help on this.
Please help whether any configuration setting needs to be done.

I want to know how to turn on the log for the DataBaseLogin module to see the log trace. Please help how to do it and what needs to added in jboss-log4j.xml.

I have added the below line in the jboss-log4j.xml, but no output is generated either at console or file.
Any help/advice/suggestion/input will be more helpful for me.


login.config.xml
==================


I am using the below program to encrypt the password using MD5 and storing the encrypted value "5f4dcc3b5aa765d61d8327deb882cf99" in mysql table




my mysql tables
[code ]

mysql> select * from userroles;
+----------+-----------+
| username | userRoles |
+----------+-----------+
| ram | admin |
| sachin | guest |
| tiger | admin |
+----------+-----------+
3 rows in set (0.14 sec)

mysql> select * from users;
+----------+----------------------------------+
| username | passwd |
+----------+----------------------------------+
| ram | passwd |
| sachin | passwd |
| tiger | 5f4dcc3b5aa765d61d8327deb882cf99 |
+----------+----------------------------------+
3 rows in set (0.17 sec)

[/code]

Geting the error message:


15 years ago
Please help on the below query.

I am trying to encrypt the password using the message digest - MD5(given below) and store it in the mysql DB.
Using DatabaseServerLoginModule, I am trying to authenticate, but it's failing. Please help on this.







Geting the error message:


But for the userid: ram and passwd, I am able to login. Whereas for the user "tiger" with the encrypted password, I couldn't able to login.
Please throw some light on it. Please help to check the configuration in login-config.xml

And I have an another doubt. If the user is attempting to enter invalid password for more than 5 times, we need to lock his account.
Whether JBoss' DatabaseServerLoginModule or any other loginmodule is providing this functionality? If not, how to achieve?
15 years ago
still having hope on this forum..any advice/help?
I think, I haven't explained properly. I have two scenarios to explain.

Scenario 1:

I am developing an web application with Struts 1.3.10 and EJB 2.1 with JBoss 4.2.2, which captures users loan/EMI/insurance details. For each user there will have some important events to be notified. for example the due date of the loan amount, it has to generate the mail to user reminding him the due. For this user no need to login into an application. For example: everday at 8 am, one program has to run and get the details of each user to be notified.

Scenario 2:
Using the web application user can able to add some reminders and it's stored in the DB. whenever the user is in the session (logged into the application) and if the reminders falls into it we need to show the pop up of the reminder. For this user needs to be logged into the application.

I thought of doing like Outlook rather than a pop up. Whenever we received a new mail, one sliding window comes up right..like that.

I just started to work on this. Don't where and how to start. Any java/third party (prefably open source) related API specifically for this.
15 years ago
I would like to know how to implement the reminders/task to do list/events in the web aplication (Struts).
For example: I want to set the reminders on the particular day/time, so that pop up should opened to notify the user about the event.
The events details will be stored in the DB. I don't want to check the DB now and then, as it will have the performance hit?
Each day, on particular time, need to notify the user about the events/reminders pending for the particular user?
I know the concept of servlet listeners, but how can we use it to achieve this?
any inputs/suggestions/links?
15 years ago
please help on this.
15 years ago
any inputs/suggestion/idea/advice/links on this???
15 years ago
Sorry.. I thouht posting this ajaz forum and posted here. help to move to ajax forum
15 years ago