thank you for your help, actually that was the problem, it is working now, but now
this custom class is unable to access datasource on the same time other beans are
accessing the datasource, any idea, i will give you the custom class code now.
the code in given below, i made some changes in one example code,so you please see
this.
/*
* Optiwise Custom Security Class
* A JDBC based login module that supports authentication and role mapping.
*/
package com.optiwise.bl.core.security;
import java.security.acl.Group;
import java.util.HashMap;
import java.util.Map;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.sql.DataSource;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import javax.security.auth.login.FailedLoginException;
import org.jboss.security.SimpleGroup;
import org.jboss.security.SimplePrincipal;
import org.jboss.security.auth.spi.UsernamePasswordLoginModule;
public class OptiwiseServerLoginModule extends UsernamePasswordLoginModule
{
private String dsJndiName = "java:/OracleDS";
private String principalsQuery = "SELECT OW_PASSWORD FROM OW_T_USER WHERE
OW_USERID=?";
private String rolesQuery = "SELECT OW_T_ROLE.OW_NAME FROM OW_T_ROLE WHERE
OW_OID IN (SELECT OW_T_USERROLE.OW_ROLEOID FROM OW_T_USERROLE WHERE OW_USEROID =
(SELECT OW_T_USER.OW_OID FROM OW_T_USER WHERE OW_USERID=?))";
/**
* Initialize this LoginModule.
*/
public void initialize(Subject subject, CallbackHandler callbackHandler, Map
sharedState, Map options)
{
super.initialize(subject, callbackHandler, sharedState, options);
log.trace("DatabaseServerLoginModule, dsJndiName="+dsJndiName);
log.trace("principalsQuery="+principalsQuery);
log.trace("rolesQuery="+rolesQuery);
}
/** Get the expected password for the current username available via
* the getUsername() method. This is called from within the login()
* method after the CallbackHandler has returned the username and
* candidate password.
* @return the valid password String
*/
protected String getUsersPassword() throws LoginException,java.rmi.RemoteException
{
String username = getUsername();
String password = null;
Connection conn = null;
PreparedStatement ps = null;
try
{
InitialContext ctx = new InitialContext();
DataSource ds = (DataSource) ctx.lookup(dsJndiName);
conn = ds.getConnection();
// Get the password
ps = conn.prepareStatement(principalsQuery);
ps.setString(1, username);
ResultSet rs = ps.executeQuery();
if( rs.next() == false )
throw new FailedLoginException("No matching username found in
Principals");
password = rs.getString(1);
password = convertRawPassword(password);
rs.close();
}
catch(NamingException ex)
{
log.error("Problem in accessing DataSource");
throw new LoginException(ex.toString(true));
}
catch(SQLException ex)
{
log.error("Query failed", ex);
throw new LoginException(ex.toString());
}
finally
{
if( ps != null )
{
try
{
ps.close();
}
catch(SQLException e)
{
e.printStackTrace();
}
}
if( conn != null )
{
try
{
conn.close();
}
catch (SQLException ex)
{
ex.printStackTrace();
}
}
}
return password;
}
/** Overriden by subclasses to return the Groups that correspond to the
to the role sets assigned to the user. Subclasses should create at
least a Group named "Roles" that contains the roles assigned to the user.
A second common group is "CallerPrincipal" that provides the application
identity of the user rather than the security domain identity.
@return Group[] containing the sets of roles
*/
protected Group[] getRoleSets() throws LoginException
{
String username = getUsername();
Connection conn = null;
HashMap setsMap = new HashMap();
PreparedStatement ps = null;
try
{
InitialContext ctx = new InitialContext();
DataSource ds = (DataSource) ctx.lookup(dsJndiName);
conn = ds.getConnection();
// Get the users role names
ps = conn.prepareStatement(rolesQuery);
ps.setString(1, username);
ResultSet rs = ps.executeQuery();
if( rs.next() == false )
{
if( getUnauthenticatedIdentity() == null )
throw new FailedLoginException("No matching username found in Roles");
/* We are running with an unauthenticatedIdentity so create an empty
Roles set and return.*/
Group[] roleSets = { new SimpleGroup("Roles") };
return roleSets;
}
do
{
String name = rs.getString(1);
String groupName = rs.getString(2);
if( groupName == null || groupName.length() == 0 )
groupName = "Roles";
Group group = (Group) setsMap.get(groupName);
if( group == null )
{
group = new SimpleGroup(groupName);
setsMap.put(groupName, group);
}
group.addMember(new SimplePrincipal(name));
}
while( rs.next() );
rs.close();
}
catch(NamingException ex)
{
throw new LoginException(ex.toString(true));
}
catch(SQLException ex)
{
super.log.error("SQL failure", ex);
throw new LoginException(ex.toString());
}
finally
{
if( ps != null )
{
try
{
ps.close();
}
catch(SQLException e)
{
e.printStackTrace();
}
}
if( conn != null )
{
try
{
conn.close();
}
catch (Exception ex)
{}
}
}
Group[] roleSets = new Group[setsMap.size()];
setsMap.values().toArray(roleSets);
return roleSets;
}
/** A hook to allow subclasses to convert a password from the database
into a plain text string or whatever form is used for matching against
the user input. It is called from within the getUsersPassword() method.
@param rawPassword, the password as obtained from the database
@return the argument rawPassword
*/
protected String convertRawPassword(String rawPassword)
{
return rawPassword;
}
}
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3828796#3828796
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3828796
-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
