Hey all, I'm still trying to get my users to login to my web app. I followed
the directions here ...
http://wiki.jboss.org/wiki/Wiki.jsp?page=SecureAWebApplicationUsingACustomForm
but so far, not having much luck. I've tried to modify for the
DatabaseServerLoginModule. So if anyone sees anything wrong, any help much
appreciated.
I copied the jbossmq example policy inside the
~/server/default/conf/login-config.xml file and added it at the end of the
file.
| <application-policy name = "my-app">
| <authentication>
| <login-module code =
"org.jboss.security.auth.spi.DatabaseServerLoginModule"
| flag = "required">
| <module-option name =
"unauthenticatedIdentity">guest</module-option>
| <module-option name =
"dsJndiName">java:/PostgresDS</module-option>
| <module-option name = "principalsQuery">SELECT password FROM
Principals WHERE principalId=?</module-option>
| <module-option name = "rolesQuery">SELECT roleId, 'Roles' FROM
Roles WHERE principalId=?</module-option>
| </login-module>
| </authentication>
| </application-policy>
|
I then added the following to my web.xml.
| <security-constraint>
| <web-resource-collection>
| <web-resource-name>All resources</web-resource-name>
| <description>Protects all resources</description>
| <url-pattern>/*</url-pattern>
| </web-resource-collection>
|
| <auth-constraint>
| <role-name>WebAppUser</role-name>
| </auth-constraint>
| </security-constraint>
|
| <security-role>
| <role-name>WebAppUser</role-name>
| </security-role>
|
| <login-config>
| <auth-method>FORM</auth-method>
| <form-login-config>
| <form-login-page>/login.html</form-login-page>
| <form-error-page>/errors.html</form-error-page>
| </form-login-config>
| </login-config>
|
And here's my jboss-web.xml
| <jboss-web>
| <context-root>/</context-root>
| <security-domain>java:/jaas/my-app</security-domain>
| </jboss-web>
|
And here's index.html includes the following.
| <form method="POST" action="j_security_check">
| User Name: <input type="text" name="j_username" /><br />
| Password: <input type="password" name="j_password" /><br />
| <input type="submit" value="Login" />
| </form>
|
And here's the table structure in my database.
| CREATE SEQUENCE principals_seq START 1000;
| CREATE TABLE Principals (
| principalId INTEGER DEFAULT NEXTVAL('principals_seq') PRIMARY KEY,
| principalName VARCHAR(64) NOT NULL,
| password VARCHAR(32) NOT NULL
| );
|
| CREATE SEQUENCE roles_seq START 100;
| CREATE TABLE Roles (
| roleId INTEGER DEFAULT NEXTVAL('roles_seq') PRIMARY KEY,
| principalId INTEGER NOT NULL,
| roleName VARCHAR(32) NOT NULL,
| roleGroup VARCHAR(32) NOT NULL
| );
|
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3944802#3944802
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3944802
-------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
JBoss-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jboss-user
