Glassfish containter security authentication - how to add salt (j_security_check)

How to add salt when I want to authenticate users using web.xml security (j_username, j_password, j_security_check)?

Now, I am using MD5 or SHA256 (configured in Security Realm).

Using 开发者_开发问答Glassfish 3.1, Java Server Faces 2.1.

---

I was looking for the same feature and didn't find any solution. For my project I used a dedicated managed bean to logOn. It is fully detail described in the official oracle documentation. Therefore you can separately fetch the requested user and use the method like this:

request.login(this.user.getUsername(),this.user.getSalt().concat(this.password));

Ensure that you use the same digist algorithm as you have configured on glassfish. Hope that helps.