[jira] [Resolved] (ROL-746) Unable to uses JAAS DatabaseServerLoginModule for authentication

Mon, 31 Dec 2012 19:34:16 -0800 

     [ 
https://issues.apache.org/jira/browse/ROL-746?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Glen Mazza resolved ROL-746.
----------------------------

    Resolution: Won't Fix

This issue refers to an obsolete version of Roller (1.1.2).  Sorry we could not 
get to it in time for you.
                
> Unable to uses JAAS DatabaseServerLoginModule for authentication
> ----------------------------------------------------------------
>
>                 Key: ROL-746
>                 URL: https://issues.apache.org/jira/browse/ROL-746
>             Project: Roller
>          Issue Type: Improvement
>          Components: Database Access & Data Model, User Management
>    Affects Versions: 1.1.2
>         Environment: JBoss 4.0.2/Tomcat 5.5
>            Reporter: TJ
>            Assignee: Roller Unassigned
>
> When installed on JBoss 4.0.2 roller cannot use the 
> org.jboss.security.auth.spi.DatabaseServerLoginModule because it expects TWO 
> table columns to be returned by the userrole table query.
> Log-ins fail and an exception is thrown:
> 2005-06-17 21:49:30,297 DEBUG 
> [org.jboss.security.plugins.JaasSecurityManagerService] Created 
> securityMgr=org.jboss.security.plugins.JaasSecurityManager@7227a8
> 2005-06-17 21:49:30,313 DEBUG 
> [org.jboss.security.plugins.JaasSecurityManager.RollerRealm] CachePolicy set 
> to: org.jboss.util.TimedCachePolicy@899e6a
> 2005-06-17 21:49:30,313 DEBUG 
> [org.jboss.security.plugins.JaasSecurityManagerService] setCachePolicy, 
> c=org.jboss.util.TimedCachePolicy@899e6a
> 2005-06-17 21:49:30,313 DEBUG 
> [org.jboss.security.plugins.JaasSecurityManagerService] Added RollerRealm, 
> org.jboss.security.plugins.SecurityDomainContext@ff665a to map
> 2005-06-17 21:49:30,422 ERROR 
> [org.jboss.security.auth.spi.DatabaseServerLoginModule] SQL failure
> java.sql.SQLException: Column Index out of range, 2 > 1. 
>       at com.mysql.jdbc.ResultSet.checkColumnBounds(ResultSet.java:4160)
>       at com.mysql.jdbc.ResultSet.getNativeString(ResultSet.java:6469)
>       at com.mysql.jdbc.ResultSet.getStringInternal(ResultSet.java:2307)
>       at com.mysql.jdbc.ResultSet.getString(ResultSet.java:2203)
>       at 
> org.jboss.resource.adapter.jdbc.WrappedResultSet.getString(WrappedResultSet.java:400)
>       at org.jboss.security.auth.spi.Util.getRoleSets(Util.java:142)
>       at 
> org.jboss.security.auth.spi.DatabaseServerLoginModule.getRoleSets(DatabaseServerLoginModule.java:166)
> The JBoss Security guide section 8.4.6.4 explains all
> http://docs.jboss.org/jbossas/admindevel326/html/ch8.chapter.html#ch8.dabaseserverloginmodule.sect
> The default select statements for DatabaseServerLoginModule are given in the 
> head of the source code file. You can find a copy here
> http://www.cenqua.com/clover/eg/jboss/report/org/jboss/security/auth/spi/DatabaseServerLoginModule.html
> It reads:
>  private String dsJndiName;
>  private String principalsQuery = "select Password from Principals where 
> PrincipalID=?";
>  private String rolesQuery = "select Role, RoleGroup from Roles where 
> PrincipalID=?";
> In roller the userrole table has only the 'Role' column. 'RoleGroup' doesn't 
> exist.
> So the select statement defined in the application policy defined in 
> jboss/server/<all>/conf/login-config.xml
>  <!-- Roller Weblog -->
>  <application-policy name="RollerRealm">
>   <authentication>
>    <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" 
> flag="sufficient">
>     <module-option name="dsJndiName">java:/jdbc/rollerdb</module-option>
>     <module-option name="principalsQuery">select passphrase from rolleruser 
> where username=?</module-option>
>     <module-option name="rolesQuery">select rolename from userrole where 
> username=?</module-option>
>     <module-option name="unauthenticatedIdentity">guest</module-option>
>    </login-module>
>   </authentication>
>  </application-policy> 
> causes the attempted read of the second column of the result set to fail in  
> the method
> protected Group[] getRoleSets() throws LoginException
> ...
>  do {
>   String name = rs.getString(1);
>   String groupName = rs.getString(2); // ** Exception **
> The *fix* is to edit the select statement to return a hard-coded 'Roles' 
> value in login-config.xml
> <module-option name="rolesQuery">select rolename, 'Roles' from userrole where 
> username=?</module-option>

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to