[jboss-user] [Security & JAAS/JBoss] - 403 error with custom JAAS login Module.
wbrown338
do-not-reply at jboss.com
Mon Feb 5 12:07:50 EST 2007
Greetings:
We are using Jboss 4.0.5 GA on Linux with JDK 1.4.2_10-b03
We have a custom JAAS login module that extends the org.jboss.security.auth.spi.DatabaseServerLoginModule.
This module worked with JBoss 4.0.2.
we are using the following configs.
client/auth.conf
ebizDomain
{
org.jboss.security.ClientLoginModule required;
com.gocsc.ebiz.JBossLoginModule required;
};
server/default/conf/auth.conf
ebizDomain
{
org.jboss.security.ClientLoginModule required;
com.gocsc.ebiz.JBossLoginModule required;
dsJndiName="java:/MSSQLDS"
driverName="net.sourceforge.jtds.jdbc.Driver"
connectionURL="jdbc:jtds:sqlserver://dbase/app;user=user;password=password"
keyProc="{call art_prcGetKey()}"
passwordProc="{call art_prcGetPassword(?)}"
rolesProc="{call art_prcGetRoles(?)}"
};
server/default/conf/login-config.xml
<application-policy name="ebizDomain">
<login-module code="com.gocsc.ebiz.JBossLoginModule" flag="required">
<module-option name="dsJndiName">java:/MSSQLDS</module-option>
<module-option name="driverName">net.sourceforge.jtds.jdbc.Driver</module-option>
<module-option name="connectionURL">jdbc:jtds:sqlserver://dbase/app;user=user;password=password"</module-option>
<module-option name="keyProc">{call art_prcGetKey()}</module-option>
<module-option name="passwordProc">{call art_prcGetPassword(?)}</module-option>
<module-option name="rolesProc">{call art_prcGetRoles(?)}</module-option>
</login-module>
</application-policy>
webapp war web.xml
<login-config>
<auth-method>FORM</auth-method>
<realm-name>ebizDomain</realm-name>
<form-login-config>
<form-login-page>/loginPage</form-login-page>
<form-error-page>/errorpage.jsp</form-error-page>
</form-login-config>
</login-config>
We have debugging enabled for the login and we get output from our custom module that shows the user authenticated and had a role added:
2007-02-05 10:43:51,764 DEBUG [com.gocsc.ebiz.JBossLoginModule] dsJndiName=java:/MSSQLDS
2007-02-05 10:43:51,764 DEBUG [com.gocsc.ebiz.JBossLoginModule] driverName=net.sourceforge.jtds.jdbc.Driver
2007-02-05 10:43:51,764 DEBUG [com.gocsc.ebiz.JBossLoginModule] connectionURL=connectionURL=jdbc:jtds:sqlserver://dbase/app;user=user;password=password
2007-02-05 10:43:51,764 DEBUG [com.gocsc.ebiz.JBossLoginModule] keyProc={call art_prcGetKey()}
2007-02-05 10:43:51,765 DEBUG [com.gocsc.ebiz.JBossLoginModule] passwordProc={call art_prcGetPassword(?)}
2007-02-05 10:43:51,765 DEBUG [com.gocsc.ebiz.JBossLoginModule] rolesProc={call art_prcGetRoles(?)}
2007-02-05 10:43:51,792 DEBUG [com.gocsc.ebiz.JBossLoginModule] Assign user to role A
However, instead of being redirected to the homepage of the app, we are getting the tomcat error "HTTP Status 403 - Access to the requested resource has been denied". There are no more details in the server.log and the user is prevented from going forward into the app.
Is there a change we need to make in the configuration going from 4.0.2 to 4.0.5? Thanks for your help from anyone who knows what the issue might be.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4011452#4011452
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4011452
More information about the jboss-user
mailing list