<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<body link="#355491" alink="#4262a1" vlink="#355491" style="background: #e2e2e2; margin: 0; padding: 20px;">
<div>
<table cellpadding="0" bgcolor="#FFFFFF" border="0" cellspacing="0" style="border: 1px solid #dadada; margin-bottom: 30px; width: 100%; -moz-border-radius: 6px; -webkit-border-radius: 6px;">
<tbody>
<tr>
<td>
<table border="0" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" style="border: solid 2px #ccc; background: #dadada; width: 100%; -moz-border-radius: 6px; -webkit-border-radius: 6px;">
<tbody>
<tr>
<td bgcolor="#000000" valign="middle" height="58px" style="border-bottom: 1px solid #ccc; padding: 20px; -moz-border-radius-topleft: 3px; -moz-border-radius-topright: 3px; -webkit-border-top-right-radius: 5px; -webkit-border-top-left-radius: 5px;">
<h1 style="color: #333333; font: bold 22px Arial, Helvetica, sans-serif; margin: 0; display: block !important;">
<!-- To have a header image/logo replace the name below with your img tag -->
<!-- Email clients will render the images when the message is read so any image -->
<!-- must be made available on a public server, so that all recipients can load the image. -->
<a href="https://community.jboss.org/index.jspa" style="text-decoration: none; color: #E1E1E1">JBoss Community</a></h1>
</td>
</tr>
<tr>
<td bgcolor="#FFFFFF" style="font: normal 12px Arial, Helvetica, sans-serif; color:#333333; padding: 20px; -moz-border-radius-bottomleft: 4px; -moz-border-radius-bottomright: 4px; -webkit-border-bottom-right-radius: 5px; -webkit-border-bottom-left-radius: 5px;"><h3 style="margin: 10px 0 5px; font-size: 17px; font-weight: normal;">
FORM-based declarative authentication against MySQL Realm
</h3>
<span style="margin-bottom: 10px;">
modified by <a href="https://community.jboss.org/people/rsprasad">R Saravana Prasad</a> in <i>Beginner's Corner</i> - <a href="https://community.jboss.org/docs/DOC-16020">View the full document</a>
</span>
<hr style="margin: 20px 0; border: none; background-color: #dadada; height: 1px;">
<div class="jive-rendered-content"><p><br/>This article is about FORM-Based authentication for jboss for securing admin related pages.<br/>The attached web application uses declarative authentication against mysql security realm.</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>Add following <strong>security-constraint</strong> section to <strong>web.xml</strong>:</p><p><security-constraint><br/>     <display-name>require valid user</display-name><br/>  <web-resource-collection><br/>  <web-resource-name>internal application</web-resource-name><br/>  <!-- secure only admin pages--><br/>  <url-pattern>/admin/*</url-pattern><br/>  <http-method>GET</http-method><br/>  <http-method>POST</http-method><br/>        </web-resource-collection><br/>        <auth-constraint><br/>  <!--Admin pages secured only for admin--><br/>  <role-name>admin</role-name><br/></auth-constraint><br/></security-constraint></p><p><br/>Add following <strong>login-config</strong> section to <strong>web.xml</strong>:</p><p><br/><login-config><br/><auth-method>FORM</auth-method><br/><form-login-config><br/>  <form-login-page>/login.jsp</form-login-page><br/>  <form-error-page>/loginInvalid.jsp</form-error-page><br/></form-login-config><br/></login-config></p><p><br/>Find and replace following realm config section in <JBOSS_HOME>\server\default\deploy\jbossweb.sar\<strong>server.xml</strong>:</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p><Realm className="org.apache.catalina.realm.JDBCRealm" debug="99"<br/>driverName="org.gjt.mm.mysql.Driver"<br/>connectionURL="jdbc:mysql://localhost/jaasrealm"<br/>        connectionName="root"<br/>        connectionPassword=""<br/>        userTable="users" <br/>userNameCol="user_name" <br/>        userCredCol="user_pass"<br/>userRoleTable="user_roles" <br/>roleNameCol="role_name" /></p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>From the above, realm requires DB Class name, DB Driver class, DB URL, <br/>DB name, DB username, DB password and <br/>userTable is users,<br/>userNameCol is user_name,<br/>userRoleTable is user_roles,<br/>userCredCol is user_pass and<br/>roleNameCol is role_name</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>Setting up security realm:<br/>Have mysql running.</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>mysql> create database jaasrealm;</p><p>mysql> use jaasrealm;</p><p>mysql> create table users (<br/>  user_name varchar(15) not null primary key,<br/>  user_pass varchar(15) not null<br/>);</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>mysql> create table user_roles (<br/>  user_name varchar(15) not null,<br/>  role_name varchar(15) not null,<br/>  primary key (user_name, role_name)<br/>);</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>mysql> insert into users values('hari','good');<br/>mysql> insert into users values('hara','better');</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>mysql> insert into user_roles values('hari','usergroup');<br/>mysql> insert into user_roles values('hara','admin');</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>In case more roles to be added to same user, hara keep adding more user_role records to hara:</p><p>mysql> insert into user_roles values('hara','editor');</p><p>mysql> insert into user_roles values('hara','publisher');</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>Ensure mysql driver in JBoss classpath, browser setting for cookies and modify JBossIPAddress in links in JSPs.<br/>Deploy the application after extracting it to JBOSS_HOME/server/default/deploy/.<br/>Reach the application at URL: <a class="jive-link-external-small" href="http://%3cjbossipaddress%3e:8080/auth/index.jsp">http://<JBossIPAddress>:8080/auth/index.jsp</a><br/>The first two links are to user pages that require no authentication.<br/>The last two links are to admin pages which require authentication.<br/>Clicking on admin links will cause login.jsp to be displayed as configured by login-config section of web.xml.<br/>The pages are authenticated by j_security_check with textboxes for j_username and j_password.<br/>A j_security_check servlet reserved by JBoss for authentication handles the request and the security-constraints associated with it.<br/>On successful authentication, the secured admin page will be displayed.<br/>On unsuccessful authentication, loginInvalid.jsp as configured by login-config section of web.xml will be displayed.</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>Fire up the JBoss and pull up the app...</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>Saravana Prasad</p></div>
<div style="background-color: #f4f4f4; padding: 10px; margin-top: 20px;">
<p style="margin: 0;">Comment by <a href="https://community.jboss.org/docs/DOC-16020">going to Community</a></p>
<p style="margin: 0;">Create a new document in Beginner's Corner at <a href="https://community.jboss.org/choose-container!input.jspa?contentType=102&containerType=14&container=2075">Community</a></p>
</div></td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</div>
</body>
</html>