[jboss-user] [Security & JAAS/JBoss] - org.jboss.web.jsf.integration.config.JBossJSFConfigureListen
maximuszen
do-not-reply at jboss.com
Tue Nov 13 17:02:52 EST 2007
Can you help me understand this error?
Windows XP, Java SDK 1.5, JBoss 4.2.2
Here is my code:
default/conf/login-config.xml
<application-policy name = "zzz">
<login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag = "required">
<module-option name = "unauthenticatedIdentity">guest</module-option>
<module-option name = "dsJndiName">java:/PostgresDS</module-option>
<module-option name = "principalsQuery">SELECT password FROM xuser WHERE username=?</module-option>
<module-option name = "rolesQuery">SELECT name, 'Roles' FROM role WHERE id = ANY
( SELECT role_id FROM user_role WHERE user_id = ANY
( SELECT id FROM xuser WHERE username = ? ) )
</module-option>
</login-module>
</application-policy>
default/conf/auth.conf(I removed this) and
the VM argument -Djava.security.auth.login.config=auth.conf
zzz{
// jBoss ClientLoginModule
org.jboss.security.auth.spi.DatabaseServerLoginModule required
;
};
LoginServlet
public class Login extends Command {
public String perform(HttpServletRequest request) {
String username = request.getParameter("u");
String password = request.getParameter("p");
UsernamePasswordHandler handler = new UsernamePasswordHandler(username,password);
Subject subj = null;
try {
LoginContext lc = new LoginContext("zzz",handler);
lc.login();
} catch (LoginException e1) {
return error;
}
subj = lc.getSubject();
Log.info("subj = "+subj);
return ok;
}
}
web.xml in application
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5"
xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<servlet-name>Security</servlet-name>
<servlet-class>servlet.Security</servlet-class>
<servlet-mapping>
<servlet-name>Security</servlet-name>
<url-pattern>/s</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<security-constraint>
<web-resource-collection>
<web-resource-name>login</web-resource-name>
<url-pattern>/s</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>zzz</realm-name>
</login-config>
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4104324#4104324
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4104324
More information about the jboss-user
mailing list