I have read everything on net and a thousand of forums but I do this work. I am
trying to use the DataBaseServerModule, here is the files:
login-config.xml
<application-policy name="LWebSec">
<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag="required">
<module-option name="dsJndiName">java:/PostgresDS</module-option>
<module-option name="principalsQuery">select password from users where
username=?</module-option>
<module-option name="rolesQuery">select 'userroles', rolegroup from
userroles where username=?</module-option>
</login-module>
</application-policy>
jboss-web.xml
<jboss-web>
<security-domain>java:/jaas/LWebSec</security-domain>
</jboss-web>
web.xml
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure Pages</web-resource-name>
<url-pattern>/webui/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>userrole</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<!-- ExampleRealm is defined in login-config.xml -->
<realm-name>LWebSec</realm-name>
<!--
<form-login-config>
<form-login-page>/login/login.jsp</form-login-page>
-->
</login-config>
<security-role>
blah
<role-name>userrole</role-name>
</security-role>
<!--
When I try to login with a user that is inside the database I receive the message
on log:
2004-03-24 13:24:13,277 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule]
login
2004-03-24 13:24:13,279 DEBUG [org.jboss.security.auth.spi.DatabaseServerLoginModule]
Bad password for username=abc
2004-03-24 13:24:13,280 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule]
abort
2004-03-24 13:24:13,280 DEBUG [org.jboss.security.plugins.JaasSecurityManager.LWebSec]
Login failure
javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
When I try to login with a user that doesnt exist in database:
2004-03-24 13:26:09,175 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule]
login
2004-03-24 13:26:09,178 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule]
abort
2004-03-24 13:26:09,178 DEBUG [org.jboss.security.plugins.JaasSecurityManager.LWebSec]
Login failure
javax.security.auth.login.FailedLoginException: No matching username found in
Principals
So, where is the problem, the password in Postgresql have to be crypt/hash? What
is wrong with the configuration?
<a
href="http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3827319#3827319";>View
the original post</a>
<a
href="http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3827319>Reply
to the post</a>
-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
