Security Jboss

> > *We need to develop and authentication policy using jboss4.2.3 to access to a sqlserver database that has encripted the password using the following .NET Function.

> > *

> >

> >

> > **********************

> > **********************

## Deliverables

*public static string Encrypt(string clearText, string Password)*


*** byte[] clearData = [url removed, login to view](<wbr />*clearText);**

**** PasswordDeriveBytes bytes = new PasswordDeriveBytes(Password, new byte[] { 0x49, 0x76, 0x61, 110, 0x20, 0x4d, 0x65, 100, 0x76, 0x65, 100, 0x65, 0x76 });****

***** return [url removed, login to view](<wbr />*Encrypt(clearData, [url removed, login to view](0x20), [url removed, login to view](0x10)));****


******* *******

********public static byte[] Encrypt(byte[] clearData, byte[] Key, byte[] IV)********


********** MemoryStream stream = new MemoryStream();**********

*********** Rijndael rijndael = [url removed, login to view]();***********

************ [url removed, login to view] = Key;************

************* [url removed, login to view] = IV;*************

************** CryptoStream stream2 = new CryptoStream(stream, [url removed, login to view](), [url removed, login to view]);**************

*************** [url removed, login to view](clearData, 0, [url removed, login to view]);***************

**************** [url removed, login to view]();****************

***************** return [url removed, login to view]();*****************


*******************Name: System.Security.Cryptography.**R<wbr />**ijndael found in


Assembly: mscorlib, Version=1.0.5000.0. There is no password encription

The idea it to include a clase in the login-config xml able to connect to the database and validate the user password against a table. At this moment we have in our java web code.


















<form-login-page>/[url removed, login to view]</form-login-page>

<form-error-page>/[url removed, login to view]</form-error-page>




<description>Controla los accesos al Administrador</description>



But we need to adjust it in order to connect to the sqlserver and retrieve the password. Once the user login the system must validate the user against the server and using a similar algorythm implemented in java.

At this moment we are connecting to the database directly but we have the problem that the password is encrypted so we must change the implementation in order to validate the user.

<application-policy name = "conjuntosreferenciaSIB">


<login-module code = "[url removed, login to view]"

flag = "required">

<module-option name = "dsJndiName">java:/seguridadDS</module-option>

<module-option name = "principalsQuery">SELECT clave as password FROM suscriptor WHERE email=?</module-option>

<module-option name = "rolesQuery">SELECT nomcontrato as role, 'Roles' from contrato ct, suscriptorcontrato sct, suscriptor s WHERE nomcontrato = 'WebDescargasCompleto' AND ct.id_contrato = [url removed, login to view] AND [url removed, login to view] = s.id_suscriptor AND [url removed, login to view] =?</module-option>

<module-option name="debug">true</module-option>





Habilidades: Engenharia, Java, Javascript, Microsoft Access, MySQL, PHP, Arquitetura de software, Teste de Software, Hospedagem Web, Gestão de Site , Teste de Website

Veja mais: web assembly, the algorythm, string pattern, server assembly, sct transport, pattern string, module assembly, jboss login, jboss 7, java web xml login config, java to assembly, java assembly, error page in jsp, database assembly, c string pattern, convert assembly to java, assembly xml, assembly web, assembly java, assembly database

Acerca do Empregador:
( 8 comentários ) Colombia

ID do Projeto: #2932946

Concedido a:


See private message.

$127.5 USD em 24 dias
(106 Comentários)

2 freelancers estão ofertando em média $121 para esse trabalho


See private message.

$114.75 USD in 24 dias
(4 Comentários)