Question

I'm using Jasypt 1.9.0, Spring 3.1.1.RELEASE, and Maven 3.0.3. When I enter a username and password on my login page and submit, I get the following error …

org.jasypt.exceptions.EncryptionOperationNotPossibleException
    org.jasypt.digest.StandardByteDigester.matches(StandardByteDigester.java:1107)
    org.jasypt.digest.StandardStringDigester.matches(StandardStringDigester.java:1052)
    org.jasypt.util.password.ConfigurablePasswordEncryptor.checkPassword(ConfigurablePasswordEncryptor.java:252)
    org.jasypt.spring.security3.PasswordEncoder.isPasswordValid(PasswordEncoder.java:207)
    org.springframework.security.authentication.dao.DaoAuthenticationProvider.additionalAuthenticationChecks(DaoAuthenticationProvider.java:64)
    org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:149)
    org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:156)
    org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthenticationFilter.java:94)
    org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:194)
    org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
    org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
    org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:184)
    org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:155)
    org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
    org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)

Here is the Spring Security I have set up

<beans:bean id="bcProvider" class="org.bouncycastle.jce.provider.BouncyCastleProvider" />

<beans:bean id="jasyptPasswordEncryptor" class="org.jasypt.util.password.ConfigurablePasswordEncryptor">
    <beans:property name="algorithm">
        <beans:value>SHA-256</beans:value>
    </beans:property>
    <beans:property name="provider">
        <beans:ref bean="bcProvider" />
    </beans:property>
</beans:bean>

<!-- This Spring Security-friendly PasswordEncoder implementation will -->
<!-- wrap the PasswordEncryptor instance so that it can be used from -->
<!-- the security framework. -->
<beans:bean id="passwordEncoder" class="org.jasypt.spring.security3.PasswordEncoder">
    <beans:property name="passwordEncryptor">
        <beans:ref bean="jasyptPasswordEncryptor" />
    </beans:property>
</beans:bean>

<authentication-manager alias="authenticationManager"
    id="authenticationManager">
    <authentication-provider user-service-ref="sbdUserDetailsService">
        <password-encoder ref="passwordEncoder" />
    </authentication-provider>
</authentication-manager>

The Jasypt docs aren't very helpful and I don't know what else to check. Grateful for any help here.


Solution

It's probably intentionally impossible to tell the cause of the error from the Jasypt library without debugging into it and finding the underlying exception. My guess would be you have an undigested password in the back end store (the most likely source of failures to compare digested passwords).
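
One way to test the guess in the answer above is to audit the stored password column for values that do not have the shape of a salted SHA-256 digest. This is an added example, not code from the original post or from Jasypt. It assumes the encryptor runs with Jasypt's defaults (an 8-byte salt stored in front of the digest, Base64 text output), and the class name, method name and sample rows are constructed for illustration.

```java
import java.util.Base64;
import java.util.LinkedHashMap;
import java.util.Map;

public class StoredDigestAudit {
    // Assumptions (not from the page): an 8-byte random salt is stored in front
    // of the 32-byte SHA-256 digest, and the combined bytes are Base64-encoded.
    static final int SALT_BYTES = 8;
    static final int SHA256_BYTES = 32;

    /** Returns null when the stored value has the expected shape, else the reason it does not. */
    static String problem(String stored) {
        if (stored == null || stored.isEmpty()) {
            return "empty value";
        }
        byte[] raw;
        try {
            raw = Base64.getDecoder().decode(stored);
        } catch (IllegalArgumentException e) {
            return "not valid Base64 (plaintext or another encoding?)";
        }
        int expected = SALT_BYTES + SHA256_BYTES;
        if (raw.length != expected) {
            return "decodes to " + raw.length + " bytes, expected " + expected;
        }
        return null;
    }

    public static void main(String[] args) {
        // Constructed sample rows: username -> value of the stored password column.
        Map<String, String> rows = new LinkedHashMap<>();
        rows.put("alice", Base64.getEncoder().encodeToString(new byte[40])); // salted digest shape
        rows.put("bob", "s3cret!");                                          // plaintext
        rows.put("carol", "0123456789abcdef0123456789abcdef");               // hex digest from another scheme
        rows.put("dave", Base64.getEncoder().encodeToString(new byte[32]));  // unsalted SHA-256 shape
        for (Map.Entry<String, String> row : rows.entrySet()) {
            String why = problem(row.getValue());
            // Report only the username and the reason, never the stored value itself.
            System.out.println(row.getKey() + ": " + (why == null ? "ok" : "SUSPECT, " + why));
        }
    }
}
```

A value that passes only has the right shape; it is not proof that it was produced by this encryptor. Rows flagged as suspect are the ones to re-digest or force through a password reset.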

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow