This configuration is not valid. There can only be one authentication
child element under application-policy. Check the security_config.dtd
in jboss-all/docs/dtd of the dist.
<application-policy name="OracleDbRealm">
<authentication>
<login-module
code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag="sufficient"/>
<login-module
code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag="sufficient">
<module-option
name="dsJndiName">java:/OracleDS</module-option>
<module-option name="principalsQuery">select
password from Userz where username=?</module-option>
<module-option name="rolesQuery">select role,
roleGroup from Role r, Userz u where r.user_id=u.id and
u.username=?</module-option>
</login-module>
</authentication>
</application-policy>
xxxxxxxxxxxxxxxxxxxxxxxx
Scott Stark
Chief Technology Officer
JBoss Group, LLC
xxxxxxxxxxxxxxxxxxxxxxxx
----- Original Message -----
From: "Brian Topping" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, July 31, 2002 12:37 PM
Subject: RE: [JBoss-user] problems with multiple login modules.
Is this fixed? I'm running 3.0.1RC1 and also having a problem. Is it me?
Possibly. Probably...
Config:
<application-policy name="OracleDbRealm">
<authentication>
<login-module
code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="sufficient"/>
</authentication>
<authentication>
<login-module
code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag="sufficient">
<module-option
name="dsJndiName">java:/OracleDS</module-option>
<module-option name="principalsQuery">select
password from Userz where username=?</module-option>
<module-option name="rolesQuery">select role,
roleGroup from Role r, Userz u where r.user_id=u.id and
u.username=?</module-option>
</login-module>
</authentication>
</application-policy>
When DatabaseServerLoginModule is taken out of login-config, it works fine.
When the DatabaseServerLoginModule is put in, UsersRolesLoginModule fails.
The error message is "DEBUG [UsersRolesLoginModule] Bad password for
username=wanker".
Why would UsersRolesLoginModule fail just because the <application-policy/>
contains another <authentication/>? Is it jealous or something? Wiggo!
btw, DatabaseServerLoginModule has been tested and works fine, but
UsersRolesLoginModule has one entry only and is there for bootstrapping the
tables that DatabaseServerLoginModule looks at, hence the reason for using
'sufficient'.
TIA!
-b
> -----Original Message-----
> From: Scott M Stark [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, July 10, 2002 10:40 AM
> To: [EMAIL PROTECTED]
> Subject: Re: [JBoss-user] problems with multiple login modules.
>
>
> In 3.0.0 the flag attribute was not parsed correctly and
> always defaulted
> to required. This should be fixed in 3.0.1RC1.
>
> xxxxxxxxxxxxxxxxxxxxxxxx
> Scott Stark
> Chief Technology Officer
> JBoss Group, LLC
> xxxxxxxxxxxxxxxxxxxxxxxx
> ----- Original Message -----
> From: "Dag Kilskar Naess" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Wednesday, July 10, 2002 6:54 AM
> Subject: [JBoss-user] problems with multiple login modules.
>
>
> > Hi all.
> > I have problems combining 2 login modules. First I wrote 2
> custom login
> > modules which individually work fine. But when I combine
> them like this:
> >
> > <application-policy name = "connectClientDomain">
> > <authentication>
> > <login-module code =
> "no.boostcom.security.MedlemsregisterLoginModule"
> > flag = "sufficient">
> > <module-option name
> "unauthenticatedIdentity">anybody</module-option>
> > </login-module>
> >
> > <login-module code = "no.boostcom.security.AdminLoginModule"
> > flag = "required">
> > <module-option name =
> "unauthenticatedIdentity">anybody</module-option>
> > </login-module>
> > </authentication>
> > </application-policy>
> >
> > They suddenly do not work. Which I found very strange. I
> treid sveral
> > combinations of login-module flags like (optional,
> optional), (sufficient,
> > required), (sufficient, optional), (sufficient, sufficient)
> and so on
> whitout
> > any visible effedt. Next I tried swithing login modules
> from my custom
> login
> > modules to trivial UsersRolesLoginModules, which also work fine
> individually
> > but combined they still fail if one of them fails no matter
> how you set
> the
> > flags. I've also tried swithing VM from sun's 1.4.0 to
> IBM1.3 but the
> result
> > is still the same:
> >
>
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Two, two, TWO treats in one.
> http://thinkgeek.com/sf
> _______________________________________________
> JBoss-user mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/jboss-user
>
-------------------------------------------------------
This sf.net email is sponsored by: Dice - The leading online job board
for high-tech professionals. Search and apply for tech jobs today!
http://seeker.dice.com/seeker.epl?rel_code1
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
-------------------------------------------------------
This sf.net email is sponsored by: Dice - The leading online job board
for high-tech professionals. Search and apply for tech jobs today!
http://seeker.dice.com/seeker.epl?rel_code=31
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
