Details
-
Bug
-
Resolution: Done
-
Major
-
JBossSecurity_2.0.2.SP3
-
None
Description
During password decryption using SecureIdentityLoginModule there could be an error due to missing leading zeros for certain passwords.
This error might appear in the log:
[SecureIdentityLoginModule] Failed to decode password
javax.crypto.IllegalBlockSizeException: Input length must be multiple of 8 when decrypting with padded cipher
at com.sun.crypto.provider.SunJCE_h.b(DashoA12275)
at com.sun.crypto.provider.SunJCE_h.b(DashoA12275)
at com.sun.crypto.provider.BlowfishCipher.engineDoFinal(DashoA12275)
at javax.crypto.Cipher.doFinal(DashoA12275)
at org.jboss.resource.security.SecureIdentityLoginModule.decode(SecureIdentityLoginModule.java:173)
at org.jboss.resource.security.SecureIdentityLoginModule.commit(SecureIdentityLoginModule.java:114)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)