[jboss-user] [Security & JAAS/JBoss] - Simple Web Form authentication using JAAS with DatabaseServe
mpurdy1973
do-not-reply at jboss.com
Mon Jun 22 00:02:03 EDT 2009
i implemented JAAS the best i know how; however, when i enter the correct username and password with the correct role, it forwards me to the bad login page??? i also get no exceptions in the jboss console.
i am using the username: 'tom' and the password 'tomuser'. as you can see below, tom has a password of 'tomuser' and is in the role of 'admin'
what am i missing???
here is my configuration:
mysql sql code
| use pyxiswebadmin;
| drop table users;
| drop table roles;
|
| create table users
| (
| username varchar(64) not null primary key,
| password varchar(64) not null
|
| );
|
| create table roles
| (
| username varchar(64),
| role varchar(64)
|
| );
|
| insert into users values ('tom', 'tomuser');
| insert into users values ('dick', 'dickuser');
| insert into users values ('harry', 'harryuser');
|
| insert into roles value ('tom', 'admin');
| insert into roles value ('dick', 'audit');
| insert into roles value ('harry', 'user');
|
| commit;
|
mysql database data
| mysql> show tables;
| +-------------------------+
| | Tables_in_pyxiswebadmin |
| +-------------------------+
| | roles |
| | users |
| +-------------------------+
| 2 rows in set (0.00 sec)
|
| mysql> select * from users;
| +----------+-----------+
| | username | password |
| +----------+-----------+
| | tom | tomuser |
| | dick | dickuser |
| | harry | harryuser |
| +----------+-----------+
| 3 rows in set (0.00 sec)
|
| mysql> select * from roles;
| +----------+-------+
| | username | role |
| +----------+-------+
| | tom | admin |
| | dick | audit |
| | harry | user |
| +----------+-------+
| 3 rows in set (0.00 sec)
|
login-config
| <!-- ####################################### -->
| <!-- added for Pyxis Server security -->
| <!-- ####################################### -->
| <application-policy name="pyxis-client-login">
| <authentication>
| <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
| <module-option name="dsJndiName">java:/pyxisDS</module-option>
| <module-option name="principalsQuery">select password from users where username=?</module-option>
| <module-option name="roleQuery">select role, 'Role' from roles where username=?</module-option>
| </login-module>
| </authentication>
| </application-policy>
|
| <!-- ####################################### -->
|
datasource
| <?xml version="1.0" encoding="UTF-8"?>
|
| <datasources>
| <local-tx-datasource>
| <jndi-name>pyxisDS</jndi-name>
| <connection-url>jdbc:mysql://localhost:3306/pyxiswebadmin</connection-url>
| <driver-class>org.gjt.mm.mysql.Driver</driver-class>
| <user-name>pyxis</user-name>
| <password>pyxisuser</password>
| </local-tx-datasource>
|
| </datasources>
|
jboss-web.xml
| <jboss-web>
| <security-domain>java:/jaas/pyxis-client-login</security-domain>
| </jboss-web>
|
web.xml
| <?xml version="1.0" encoding="UTF-8"?>
| <web-app version="2.5"
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
| xmlns="http://java.sun.com/xml/ns/javaee"
| xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
| xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
|
| <welcome-file-list>
| <welcome-file>index.jsp</welcome-file>
| </welcome-file-list>
|
| <security-constraint>
| <web-resource-collection>
| <web-resource-name>HtmlAdaptor</web-resource-name>
| <url-pattern>/*</url-pattern>
| <http-method>GET</http-method>
| <http-method>POST</http-method>
| </web-resource-collection>
| <auth-constraint>
| <role-name>admin</role-name>
| </auth-constraint>
| <user-data-constraint>
| <transport-guarantee>NONE</transport-guarantee>
| </user-data-constraint>
| </security-constraint>
|
| <login-config>
| <auth-method>FORM</auth-method>
| <form-login-config>
| <form-login-page>/restricted/login.jsp</form-login-page>
| <form-error-page>/restricted/bad-login.jsp</form-error-page>
| </form-login-config>
| </login-config>
|
| <security-role>
| <role-name>admin</role-name>
| </security-role>
|
| </web-app>
|
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4238939#4238939
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4238939
More information about the jboss-user
mailing list