[jboss-user] [Security & JAAS/JBoss] - Re: JDBC Realm
bjornn
do-not-reply at jboss.com
Wed Aug 2 14:14:45 EDT 2006
I have copied the query from login-config.xml.... from the policy "JBossMQ, and just make the necessary modifications.... Both policies(mine and jbossmq) are in the same file, under conf dir.
The JBossMQ policy looks like this:
| <!-- Security domain for JBossMQ -->
| <application-policy name = "jbossmq">
| <authentication>
| <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
| flag = "required">
| <module-option name = "unauthenticatedIdentity">guest</module-option>
| <module-option name = "dsJndiName">java:/DefaultDS</module-option>
| <module-option name = "principalsQuery">SELECT PASSWD FROM JMS_USERS WHERE USERID=?</module-option>
| <module-option name = "rolesQuery">SELECT ROLEID, 'Roles' FROM JMS_ROLES WHERE USERID=?</module-option>
| </login-module>
| </authentication>
| </application-policy>
|
But wait... maybe i'm making a mistake... my tables contains these fields:
user's table: login, password
role's table: login(from user's table), role_name, role_group(I don't know the propose of this field, but in jboss wiki it seems mandatory to me)
By looking the declaration of jbossmq policy, my role query must retrive the id of the role(login?!) and a static text 'roles'. Is this right? wrong? why?
If my query looks bad, how it could be? Maybe a select *?
Thanks.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3962573#3962573
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3962573
More information about the jboss-user
mailing list