[rules-users] Unable to do Guvnor Authentiation with MySQL
Sumeet Karawal
sumeet.karawal at tcs.com
Mon Jan 9 09:46:10 EST 2012
Hi All,
I am trying to enable authentication in Guvnor using MySQL. I am using
MySQL 5.1, Guvnor 5.2 and JBoss AS 5.0.4
I searched over a lot of docs and tried to do as mentioned below :
I have created a GuvnorDB in MySQL with two tables
create table Principals(principal_id VARCHAR(64),password VARCHAR
(64));
create table roles(principal_id VARCHAR(64),user_role VARCHAR
(64),role_group VARCHAR(64));
and have entered some values accordingly (admin, admin123) and (admin,
admin, admin);
My components.xml in drools-guvnor.war is as follows :
<?xml version="1.0" encoding="UTF-8"?>
<components xmlns="http://jboss.com/products/seam/components"
xmlns:core="http://jboss.com/products/seam/core"
xmlns:security="http://jboss.com/products/seam/security"
xmlns:web="http://jboss.com/products/seam/web"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:transaction="http://jboss.com/products/seam/transaction"
xsi:schemaLocation="http://jboss.com/products/seam/core
http://jboss.com/products/seam/core-2.0.xsd
http://jboss.com/products/seam/security
http://jboss.com/products/seam/security-2.0.xsd
http://jboss.com/products/seam/components
http://jboss.com/products/seam/components-2.0.xsd
http://jboss.com/products/seam/web
http://jboss.com/products/seam/web-2.0.xsd
http://jboss.com/products/seam/transaction
http://jboss.com/products/seam/transaction-2.0.xsd">
<core:init transaction-management-enabled="false" />
<transaction:no-transaction />
<component name="repositoryConfiguration">
<!-- JackRabbit -->
<property name="properties">
<key>org.drools.repository.configurator</key><value>org.drools.repository.jackrabbit.JackrabbitRepositoryConfigurator</value>
</property>
</component>
<!-- SECURITY IDENTITY CONFIGURATION -->
<security:identity authenticate-method="#{authenticator.authenticate}"
jaas-config-name="mysql"/>
<!-- SECURITY AUTHORIZATION CONFIGURATION -->
<component name="org.jboss.seam.security.roleBasedPermissionResolver">
<property name="enableRoleBasedAuthorization">true</property>
</component>
</components>
I have also changed my login-config.xml accordingly and added a
application policy :
<application-policy name="mysql">
<authentication>
<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag="required">
<module-option name="dsJndiName">java:/MySqlDS</module-option>
<module-option name="principalsQuery">select password from principals
where principal_id=?</module-option>
<module-option name="principalsQuery">select user_role,'Roles' from roles
where principal_id=?</module-option>
</login-module>
</authentication>
</application-policy>
I have also created a mysql-ds.xml and saved it in the default/deploy
folder; its contents :
<?xml version="1.0" encoding="UTF-8"?>
<datasources>
<local-tx-datasource>
<jndi-name>MySqlDS</jndi-name>
<connection-url>jdbc:mysql://localhost:3306/GuvnorDB</connection-url>
<driver-class>com.mysql.jdbc.Driver</driver-class>
<user-name>root</user-name>
<password></password>
<valid-connection-checker-class-name>org.jboss.resource.adapter.jdbc.vendor.MySQLValidConnectionChecker</valid-connection-checker-class-name>
<metadata>
<type-mapping>mySQL</type-mapping>
</metadata>
</local-tx-datasource>getting an exceptiogetting
</datasources>
After all these changes, when I run guvnor and try to login, I am
getting an exception thrown at the console:
01:36:41,212 INFO [STDOUT] INFO 10-01 01:36:41,211
(SecurityServiceImpl.java:login:57) Logging in user [admin]
01:36:41,360 INFO [STDOUT] ERROR 10-01 01:36:41,357
(SecurityServiceImpl.java:login:77) Unable to login.
javax.security.auth.login.FailedLoginException: Password Incorrect/Password
Required
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login
(UsernamePasswordLoginModule.java:213)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke
(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke
(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:616)
at javax.security.auth.login.LoginContext.invoke
(LoginContext.java:784)
at javax.security.auth.login.LoginContext.access$000
(LoginContext.java:203)
at javax.security.auth.login.LoginContext$4.run
(LoginContext.java:698)
at javax.security.auth.login.LoginContext$4.run
(LoginContext.java:696)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv
(LoginContext.java:695)
at javax.security.auth.login.LoginContext.login
(LoginContext.java:594)
at org.jboss.seam.security.Identity.authenticate(Identity.java:335)
at org.jboss.seam.security.Identity.authenticate(Identity.java:324)
at org.drools.guvnor.server.security.SecurityServiceImpl.login
(SecurityServiceImpl.java:75)
at org.drools.guvnor.server.SecurityServiceServlet.login
(SecurityServiceServlet.java:71)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke
(NativeMethodAccessorImpl.java:57)......
.................
I tried a lot but not getting through on how to do this.
It would really helpful if somebody could guide me on this.
Thanks & Regards,
Sumeet
Mailto: sumeet.karawal at tcs.com
=====-----=====-----=====
Notice: The information contained in this e-mail
message and/or attachments to it may contain
confidential or privileged information. If you are
not the intended recipient, any dissemination, use,
review, distribution, printing or copying of the
information contained in this e-mail message
and/or attachments to it are strictly prohibited. If
you have received this communication in error,
please notify us by reply e-mail or telephone and
immediately and permanently delete the message
and any attachments. Thank you
More information about the rules-users
mailing list