[jboss-user] [Security & JAAS/JBoss] - Re: DatabaseLoginServerModule implementing problems

NSchweig do-not-reply at jboss.com
Mon Apr 27 05:53:33 EDT 2009


Hallo Wolfgang,

thank you very much for the answer.

Now I think it is working a little bit better, I have got the following log:
0]
  | LoginModule Class: org.jboss.security.auth.spi.DatabaseServerLoginModule
  | ControlFlag: Anmeldemodul-Steuerflag: required
  | Options:
  | name=debug, value=true
  | name=rolesQuery, value=select userroles, 'roles' from userroles where username=?
  | name=principalsQuery, value=select passwd from users where username=?
  | name=dsJndiName, value=java:/databaselogin
  | 
  | 15:42:55,343 TRACE [DatabaseServerLoginModule] initialize
  | 15:42:55,343 TRACE [DatabaseServerLoginModule] Security domain: databaselogin
  | 15:42:55,343 TRACE [DatabaseServerLoginModule] DatabaseServerLoginModule, dsJndiName=java:/databaselogin
  | 15:42:55,343 TRACE [DatabaseServerLoginModule] principalsQuery=select passwd from users where username=?
  | 15:42:55,343 TRACE [DatabaseServerLoginModule] rolesQuery=select userroles, 'roles' from userroles where username=?
  | 15:42:55,343 TRACE [DatabaseServerLoginModule] suspendResume=true
  | 15:42:55,343 TRACE [DatabaseServerLoginModule] login
  | 15:42:55,343 TRACE [DatabaseServerLoginModule] suspendAnyTransaction
  | 15:42:55,343 TRACE [DatabaseServerLoginModule] Excuting query: select passwd from users where username=?, with username: java
  | 15:42:55,343 TRACE [DatabaseServerLoginModule] Obtained user password
  | 15:42:55,343 TRACE [DatabaseServerLoginModule] resumeAnyTransaction
  | 15:42:55,343 TRACE [DatabaseServerLoginModule] User 'java' authenticated, loginOk=true
  | 15:42:55,343 TRACE [DatabaseServerLoginModule] commit, loginOk=true
  | 15:42:55,343 TRACE [DatabaseServerLoginModule] getRoleSets using rolesQuery: select userroles, 'roles' from userroles where username=?, username: java
  | 15:42:55,343 TRACE [DatabaseServerLoginModule] suspendAnyTransaction
  | 15:42:55,343 TRACE [DatabaseServerLoginModule] Excuting query: select userroles, 'roles' from userroles where username=?, with username: java
  | 15:42:55,343 TRACE [DatabaseServerLoginModule] Assign user to role java
  | 15:42:55,343 TRACE [DatabaseServerLoginModule] resumeAnyTransaction
  | 15:42:55,390 TRACE [databaselogin] defaultLogin, lc=javax.security.auth.login.LoginContext at 551dc1, subject=Subject(1341551).principals=org.jboss.security.SimplePrincipal at 11380792(java)org.jboss.security.SimpleGroup at 32426946(roles(members:java))
  | 15:42:55,390 TRACE [databaselogin] updateCache, inputSubject=Subject(1341551).principals=org.jboss.security.SimplePrincipal at 11380792(java)org.jboss.security.SimpleGroup at 32426946(roles(members:java)), cacheSubject=Subject(8610524).principals=org.jboss.security.SimplePrincipal at 11380792(java)org.jboss.security.SimpleGroup at 32426946(roles(members:java))
  | 15:42:55,390 TRACE [databaselogin] Inserted cache info: org.jboss.security.plugins.auth.JaasSecurityManagerBase$DomainInfo at 1cf9232[Subject(8610524).principals=org.jboss.security.SimplePrincipal at 11380792(java)org.jboss.security.SimpleGroup at 32426946(roles(members:java)),credential.class=java.lang.String at 24598445,expirationTime=1240841565609]
  | 15:42:55,390 TRACE [databaselogin] End isValid, true
  | 15:42:55,390 TRACE [databaselogin] getPrincipal, cache info: org.jboss.security.plugins.auth.JaasSecurityManagerBase$DomainInfo at 1cf9232[Subject(8610524).principals=org.jboss.security.SimplePrincipal at 11380792(java)org.jboss.security.SimpleGroup at 32426946(roles(members:java)),credential.class=java.lang.String at 24598445,expirationTime=1240841565609]
  | 15:42:55,406 TRACE [SecurityRolesAssociation] Setting threadlocal:null
  | 15:42:55,406 TRACE [SecurityRolesAssociation] Setting threadlocal:null
  | 15:42:55,406 TRACE [SecurityRolesAssociation] Setting threadlocal:{}
  | 15:42:55,406 TRACE [JBossAuthorizationContext] Control flag for entry:org.jboss.security.authorization.config.AuthorizationModuleEntry{org.jboss.security.authorization.modules.DelegatingAuthorizationModule:{}REQUIRED}is:[REQUIRED]
  | 15:42:55,421 TRACE [SecurityRolesAssociation] Setting threadlocal:null
  | 15:42:55,421 TRACE [SecurityRolesAssociation] Setting threadlocal:null
  | 

But the problem now is that i get a http 403 error, access denied.
Any more ideas?

Thank you very much for the links, too!Very helpful.
Best regards,
Nicole

View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4226964#4226964

Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4226964



More information about the jboss-user mailing list