[jboss-user] [Security & JAAS/JBoss] - Re: JDBC Realm
bjornn
do-not-reply at jboss.com
Wed Aug 2 15:26:27 EDT 2006
Hi j2ee_junkie, Hi zurchman.
Follow me:
"j2ee_junkie" wrote : bjornn,
|
| Your problem then is your query. As I already mentioned, the sql configured in your security-domain must be specific for you database. For more details about the DatabaseServerLoginModule see http://wiki.jboss.org/wiki/Wiki.jsp?page=DatabaseServerLoginModule.
|
| cgriffith
I change my query to retrieve all columns of the user's and role's tables. look:
| <application-policy name = "jaas-webapp-domain">
| <authentication>
| <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
| flag = "required">
| <module-option name = "unauthenticatedIdentity">pirata</module-option>
| <module-option name = "dsJndiName">jdbc/jaasDS</module-option>
| <module-option name = "principalsQuery">SELECT LOGIN, PASSWORD FROM USERS WHERE LOGIN=?</module-option>
| <module-option name = "rolesQuery">SELECT LOGIN, ROLE_NAME, ROLE_GROUP FROM ROLES WHERE LOGIN=?</module-option>
| </login-module>
| </authentication>
| </application-policy>
|
Question: How jboss know what column represents the password, for example? How should it know? Same for role name... Maybe i'm missing some step in configuration...
I have modified my log4j.xml and get it when I try to login for the first time:
| 2006-08-02 16:20:35,141 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin getAppConfigurationEntry(jaas-webapp-domain), size=9
| 2006-08-02 16:20:35,141 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin getAppConfigurationEntry(jaas-webapp-domain), size=9
| 2006-08-02 16:20:35,141 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End getAppConfigurationEntry(jaas-webapp-domain), authInfo=AppConfigurationEntry[]:
| [0]
| LoginModule Class: org.jboss.security.auth.spi.DatabaseServerLoginModule
| ControlFlag: LoginModuleControlFlag: required
| Options:name=rolesQuery, value=SELECT LOGIN, ROLE_NAME, ROLE_GROUP FROM ROLES WHERE LOGIN=?
| name=principalsQuery, value=SELECT LOGIN, PASSWORD FROM USERS WHERE LOGIN=?
| name=unauthenticatedIdentity, value=pirata
| name=dsJndiName, value=jdbc/jaasDS
|
| 2006-08-02 16:20:35,141 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End getAppConfigurationEntry(jaas-webapp-domain), authInfo=AppConfigurationEntry[]:
| [0]
| LoginModule Class: org.jboss.security.auth.spi.DatabaseServerLoginModule
| ControlFlag: LoginModuleControlFlag: required
| Options:name=rolesQuery, value=SELECT LOGIN, ROLE_NAME, ROLE_GROUP FROM ROLES WHERE LOGIN=?
| name=principalsQuery, value=SELECT LOGIN, PASSWORD FROM USERS WHERE LOGIN=?
| name=unauthenticatedIdentity, value=pirata
| name=dsJndiName, value=jdbc/jaasDS
|
| 2006-08-02 16:20:35,141 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] initialize
| 2006-08-02 16:20:35,141 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] initialize
| 2006-08-02 16:20:35,157 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Saw unauthenticatedIdentity=pirata
| 2006-08-02 16:20:35,157 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Saw unauthenticatedIdentity=pirata
| 2006-08-02 16:20:35,157 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] DatabaseServerLoginModule, dsJndiName=jdbc/jaasDS
| 2006-08-02 16:20:35,157 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] DatabaseServerLoginModule, dsJndiName=jdbc/jaasDS
| 2006-08-02 16:20:35,157 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] principalsQuery=SELECT LOGIN, PASSWORD FROM USERS WHERE LOGIN=?
| 2006-08-02 16:20:35,157 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] principalsQuery=SELECT LOGIN, PASSWORD FROM USERS WHERE LOGIN=?
| 2006-08-02 16:20:35,157 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] rolesQuery=SELECT LOGIN, ROLE_NAME, ROLE_GROUP FROM ROLES WHERE LOGIN=?
| 2006-08-02 16:20:35,157 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] rolesQuery=SELECT LOGIN, ROLE_NAME, ROLE_GROUP FROM ROLES WHERE LOGIN=?
| 2006-08-02 16:20:35,157 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] login
| 2006-08-02 16:20:35,157 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] login
| 2006-08-02 16:20:35,157 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] abort
| 2006-08-02 16:20:35,157 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] abort
| 2006-08-02 16:20:39,105 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin getAppConfigurationEntry(jaas-webapp-domain), size=9
| 2006-08-02 16:20:39,105 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin getAppConfigurationEntry(jaas-webapp-domain), size=9
| 2006-08-02 16:20:39,105 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End getAppConfigurationEntry(jaas-webapp-domain), authInfo=AppConfigurationEntry[]:
| [0]
| LoginModule Class: org.jboss.security.auth.spi.DatabaseServerLoginModule
| ControlFlag: LoginModuleControlFlag: required
| Options:name=rolesQuery, value=SELECT LOGIN, ROLE_NAME, ROLE_GROUP FROM ROLES WHERE LOGIN=?
| name=principalsQuery, value=SELECT LOGIN, PASSWORD FROM USERS WHERE LOGIN=?
| name=unauthenticatedIdentity, value=pirata
| name=dsJndiName, value=jdbc/jaasDS
|
| 2006-08-02 16:20:39,105 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End getAppConfigurationEntry(jaas-webapp-domain), authInfo=AppConfigurationEntry[]:
| [0]
| LoginModule Class: org.jboss.security.auth.spi.DatabaseServerLoginModule
| ControlFlag: LoginModuleControlFlag: required
| Options:name=rolesQuery, value=SELECT LOGIN, ROLE_NAME, ROLE_GROUP FROM ROLES WHERE LOGIN=?
| name=principalsQuery, value=SELECT LOGIN, PASSWORD FROM USERS WHERE LOGIN=?
| name=unauthenticatedIdentity, value=pirata
| name=dsJndiName, value=jdbc/jaasDS
|
| 2006-08-02 16:20:39,105 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] initialize
| 2006-08-02 16:20:39,105 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] initialize
| 2006-08-02 16:20:39,105 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Saw unauthenticatedIdentity=pirata
| 2006-08-02 16:20:39,105 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Saw unauthenticatedIdentity=pirata
| 2006-08-02 16:20:39,105 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] DatabaseServerLoginModule, dsJndiName=jdbc/jaasDS
| 2006-08-02 16:20:39,105 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] DatabaseServerLoginModule, dsJndiName=jdbc/jaasDS
| 2006-08-02 16:20:39,105 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] principalsQuery=SELECT LOGIN, PASSWORD FROM USERS WHERE LOGIN=?
| 2006-08-02 16:20:39,105 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] principalsQuery=SELECT LOGIN, PASSWORD FROM USERS WHERE LOGIN=?
| 2006-08-02 16:20:39,105 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] rolesQuery=SELECT LOGIN, ROLE_NAME, ROLE_GROUP FROM ROLES WHERE LOGIN=?
| 2006-08-02 16:20:39,105 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] rolesQuery=SELECT LOGIN, ROLE_NAME, ROLE_GROUP FROM ROLES WHERE LOGIN=?
| 2006-08-02 16:20:39,105 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] login
| 2006-08-02 16:20:39,105 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] login
| 2006-08-02 16:20:39,105 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] abort
| 2006-08-02 16:20:39,105 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] abort
|
These are aditional information that I got from the moment that I change log4j.xml.
Maybe I should take the source to debug...
Excuse me for boring...
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3962585#3962585
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3962585
More information about the jboss-user
mailing list