Hi all,
I have a WebApplication in an EAR-Archive. I want to restrict access to some
JSPs based on a database (Interbase) on the server. The restricted JSPs are
in a subdirectory trader. When I check my log-file I can see that the user
is accepted but the role but not assigned the role. I am sure The
Roles-Table includes the user and the corresponding role. Please help me.
Any advice is very welconme!!
Hajo
JBoss 2.2.2 with integrated Tomcat 3.2.2
Principals-Table
"test1"," test1"
Roles-Table
"test1","trader","trader"
jboss-web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
<security-domain>java:/jaas/betx</security-domain>
</jboss-web>
parts of my web.xml:
<security-constraint>
<web-resource-collection>
<web-resource-name>TraderResource</web-resource-name>
<url-pattern>/trader/*</url-pattern>
<http-method>HEAD</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>trader</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>BetX Trading Plattform</realm-name>
</login-config>
<security-role>
<role-name>trader</role-name>
</security-role>
log-file:
[EmbeddedTomcatSX] JAAS.Created
securityMgr=org.jboss.security.plugins.JaasSecurityManager@438a0dbe
[EmbeddedTomcatSX] JAAS.setCachePolicy, c=null
[EmbeddedTomcatSX] JAAS.Added betx,
org.jboss.security.plugins.JaasSecurityManager@438a0dbe to map
[BetxDS] No transaction right now.
[BetxDS] Pool BetxDS [1/1/Unlimited] gave out pooled object:
org.opentools.minerva.jdbc.xa.wrapper.XAConnectionImpl@787f0dbe
[BetxDS] Pool BetxDS [0/1/Unlimited] returned object
org.opentools.minerva.jdbc.xa.wrapper.XAConnectionImpl@787f0dbe to the pool.
[EmbeddedTomcatSX] LoginException: java.lang.NullPointerException
at interbase.interclient.PreparedStatement.setString(Unknown Source)
at
org.opentools.minerva.jdbc.PreparedStatementInPool.setString(PreparedStateme
ntInPool.java:182)
at
org.jboss.security.auth.spi.DatabaseServerLoginModule.getUsersPassword(Datab
aseServerLoginModule.java:93)
at
org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswo
rdLoginModule.java:82)
at java.lang.reflect.Method.invoke(Native Method)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:594)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:124)
at javax.security.auth.login.LoginContext$3.run(LoginContext.java:530)
at java.security.AccessController.doPrivileged(Native Method)
at
javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:527)
at javax.security.auth.login.LoginContext.login(LoginContext.java:448)
at
org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityMana
ger.java:333)
at
org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityMana
ger.java:301)
at
org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.j
ava:193)
at
org.jboss.tomcat.security.JBossSecurityMgrRealm.authenticate(JBossSecurityMg
rRealm.java:104)
at
org.apache.tomcat.core.ContextManager.doAuthenticate(ContextManager.java:837
)
at org.apache.tomcat.core.RequestImpl.getRemoteUser(RequestImpl.java:341)
at
org.jboss.tomcat.security.JBossSecurityMgrRealm.authorize(JBossSecurityMgrRe
alm.java:148)
at
org.apache.tomcat.core.ContextManager.doAuthorize(ContextManager.java:855)
at
org.apache.tomcat.core.ContextManager.internalService(ContextManager.java:78
9)
at org.apache.tomcat.core.ContextManager.service(ContextManager.java:743)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnection(HttpC
onnectionHandler.java:213)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java:501)
at java.lang.Thread.run(Thread.java:498)
[EmbeddedTomcatSX] User: null is NOT authenticated
[Bean Cache] Resized cache for bean Bets: old capacity = 1000, new capacity
= 50
[BetxDS] No transaction right now.
[BetxDS] Pool BetxDS [1/1/Unlimited] gave out pooled object:
org.opentools.minerva.jdbc.xa.wrapper.XAConnectionImpl@787f0dbe
[BetxDS] Pool BetxDS [0/1/Unlimited] returned object
org.opentools.minerva.jdbc.xa.wrapper.XAConnectionImpl@787f0dbe to the pool.
[BetxDS] No transaction right now.
[BetxDS] Pool BetxDS [1/1/Unlimited] gave out pooled object:
org.opentools.minerva.jdbc.xa.wrapper.XAConnectionImpl@787f0dbe
[BetxDS] Pool BetxDS [0/1/Unlimited] returned object
org.opentools.minerva.jdbc.xa.wrapper.XAConnectionImpl@787f0dbe to the pool.
[EmbeddedTomcatSX] User: test1 is authenticated
[EmbeddedTomcatSX] User: test1 is NOT authorized, requiredRoles=[trader]
[BetxDS] No transaction right now.
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user
