I'm trying to configure WildFly 23 to use Elytron security with a properties-realm and the FORM mechanism. The authentication only works if the password in users.properties is plain text; when I try to use an MD5-hashed password, it doesn't work.

Standalone conf changes:

<security-domain name="application-security" default-realm="application-properties" permission-mapper="default-permission-mapper">
      <realm name="application-properties"/>
</security-domain>
...

<properties-realm name="application-properties" groups-attribute="Roles">
   <users-properties path="users.properties" relative-to="jboss.server.config.dir" digest-realm-name="application-properties" plain-text="true" />
   <groups-properties path="roles.properties" relative-to="jboss.server.config.dir"/>
</properties-realm>

...

<http-authentication-factory name="application-security-http" security-domain="application-security" http-server-mechanism-factory="global">
    <mechanism-configuration>
        <mechanism mechanism-name="FORM">
            <mechanism-realm realm-name="application-properties"/>
        </mechanism>
    </mechanism-configuration>
</http-authentication-factory>

...

<application-security-domains>
    <application-security-domain name="application-security" security-domain="application-security"/>
</application-security-domains>

The MD5 hash was created using "username:application-properties:password", where application-properties is the realm name.

I don't know what I'm missing.

Jay
1 Answer

In the snippet you posted, you have configured plain-text="true" on your properties-realm. Try to remove this setting to see if it works.

If this attribute is true, the passwords in the properties file are expected to be stored in plain text. When plain-text="false", they are expected to be pre-hashed in the form of HEX(MD5(username ':' realm ':' password)). If you need base64 instead of hex, you can configure it via the hash-encoding attribute of properties-realm.

diavil
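
The pre-hashed format described in the answer, as an added Python example (not code from the post or from WildFly): it builds a users.properties line in hex or base64 and checks an existing line against a realm name and password. The username `alice` and password `s3cret` are constructed sample values, the helper names are hypothetical, and UTF-8 encoding of the hashed string is an assumption.

```python
import base64
import hashlib
import hmac

REALM = "application-properties"  # realm name from the question's configuration


def digest(username, realm, password):
    """Raw MD5(username ':' realm ':' password). UTF-8 input is an assumption."""
    return hashlib.md5(f"{username}:{realm}:{password}".encode("utf-8")).digest()


def properties_entry(username, realm, password, hash_encoding="hex"):
    """Build the 'username=hash' line expected when plain-text is false."""
    raw = digest(username, realm, password)
    if hash_encoding == "hex":
        encoded = raw.hex()
    elif hash_encoding == "base64":
        encoded = base64.b64encode(raw).decode("ascii")
    else:
        raise ValueError("hash_encoding must be 'hex' or 'base64'")
    return f"{username}={encoded}"


def entry_matches(entry, realm, password, hash_encoding="hex"):
    """True if an existing line is the digest of this realm and password."""
    username, sep, stored = entry.strip().partition("=")
    if not sep:
        return False
    try:
        if hash_encoding == "hex":
            raw = bytes.fromhex(stored)
        else:
            raw = base64.b64decode(stored, validate=True)
    except ValueError:  # not a valid encoding, e.g. a plain-text password
        return False
    return hmac.compare_digest(raw, digest(username, realm, password))


if __name__ == "__main__":
    line = properties_entry("alice", REALM, "s3cret")  # constructed sample user
    print(line)
    print("same realm:     ", entry_matches(line, REALM, "s3cret"))
    # A digest computed for one realm name never matches another realm name.
    print("different realm:", entry_matches(line, "ApplicationRealm", "s3cret"))
    # A line that still holds the plain-text password is not a valid digest.
    print("plain-text line:", entry_matches("alice=s3cret", REALM, "s3cret"))
```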