Integrate existing password store
Procedure 13.1. Integrate Existing Password Store Read this procedure to understand the steps involved to integrate your existing password store. Create Hashed Password Information Store If your passwords are already stored in an irreversible hashed form, then this can only be done on a per-user basis (for example, as part of an upgrade procedure). You can implement setUserVerifier(String, VerifierInfo) as a noOp method, or a method that throws an exception stating that the store is read-only. Create SRPVerifierStore Interface You must create a custom SRPVerifierStore interface implementation that understands how to obtain the VerifierInfo from the store you created. The verifyUserChallenge(String, Object) can be used to integrate existing hardware token based schemes like SafeWord or Radius into the SRP algorithm. This interface method is called only when the client SRPLoginModule configuration specifies the hasAuxChallenge option. Create JNDI MBean You must create a MBean that exposes the SRPVerifierStore interface available to JNDI, and exposes any configurable parameters required. The default org.jboss.security.srp.SRPVerifierStoreService will allow you to implement this, however you can also implement the MBean using a Java properties file implementation of SRPVerifierStore (refer to Section 13.3, “Secure Remote Password Example”).