[JBoss-user] [Security & JAAS/JBoss] - UsersRolesLoginModule works ok but DatabaseServerLoginModule

kmarcos Fri, 24 Sep 2004 09:39:34 -0700

Hi.

I have an application with struts an jboss.


I configure all to work with UsersRolesLoginModule and it's fine, but if i just change 
in login-config.xml the authentication to use DatabaseServerLoginModule it doesn't 
works... configuration its OK... and if i put an bad user or a wrong password works 
fine too deny permissions and show right errors, but if i put a correct user/passwd 
tomcat returns HTTP 403... and in the log there's not complains  (exceptions), so i 
think the autentication module returns ok and tomcat just lost.

i was expecting, the same UsersRolesLoginModule good behavior, but not.
I followed all in famous"Complete configuration of JAAS on JBOSS and STRUTS"  
excepting that i use action="j_security_check" and the Strut's Actions are just 
showing error messages... So i don't have nothing about Security handlers and the 
rest... 

any suggestion??
tks.

some code:

web.xml
<security-constraint>
<web-resource-collection>
<web-resource-name>Saih Admon</web-resource-name>
<url-pattern>*.do</url-pattern>  
<url-pattern>/jsp/*</url-pattern>      
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>              
<auth-constraint>
<role-name>admin1</role-name>
</auth-constraint>
</security-constraint>  

 <login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/saihLogin.do</form-login-page> 
<form-error-page>/saihLoginError.do</form-error-page> 
</form-login-config>
</login-config>
   
<security-role>
<role-name>admin1</role-name>
</security-role> 

login-config.xml
<application-policy name = "saih-admon">

<login-module code="org.jboss.security.ClientLoginModule" 
flag="required"></login-module>
<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = 
"required">
 <module-option 
name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=histoSecDS</module-option>
 
<module-option name="dsJndiName">java:/histoSecDS</module-option>
<module-option name="principalsQuery">SELECT password FROM Principals WHERE 
PrincipalId = ?</module-option>
<module-option name="rolesQuery">
SELECT Role as Roles, RoleGroup as RolesGroups FROM Roles WHERE PrincipalID = ?        
  
 </module-option>
<module-option name="unauthenticatedIdentity">unauth</module-option>
</login-module>

</application-policy>

struts-config.xml
< action path="/saihLogin" type="co.edu.uniandes.saih.web.SaihLoginAction" 
scope="request"> 
< forward name="success" path="/SaihLogin.jsp" />
< /action>
< action path="/saihLoginError" type="co.edu.uniandes.saih.web.SaihLoginAction" 
scope="request" parameter="loginError">
< forward name="error" path="/SaihLogin.jsp" />
< /action>

SaihLoginAction.java
public ActionForward execute(....){
  |                     
  | System.out.println("entra al action orig");
  |             System.out.println("login error param value parameter 
"+mapping.getParameter());
  |             System.out.println("login error j_username 
"+request.getParameter("j_username"));
  |             System.out.println("login error 
j_password"+request.getParameter("j_password"));
  |             String error = mapping.getParameter(); 
  |             if(null != error && error.equalsIgnoreCase("loginError")){      
  |                     System.out.println("login error orig");         
  |                     SaihLoginForm slf = new SaihLoginForm();
  |                     slf.setUser(request.getParameter("j_username"));
  |                     slf.setPassword(request.getParameter("j_password"));
  |                     ActionErrors errors= slf.validate(mapping,request);
  |                     Iterator it = errors.get();
  |                     while (it.hasNext()){
  |                             ActionMessage am = (ActionMessage) it.next();
  |                             System.out.println(am.getKey());
  |                     }
  |                             
  |                     if (errors.isEmpty()){
  |                             System.out.println("empty");                    
  |                             errors.add(ActionMessages.GLOBAL_MESSAGE, new 
ActionMessage("errors.login.refuse"));                            
  |                     }
  |                     request.setAttribute(Globals.ERROR_KEY, errors);
  |                     return mapping.findForward("error");
  |             }
  |             System.out.println("ok en action orig");
  |             return mapping.findForward("success");
  |     }



Log when i put bad user o password...

2004-09-24 08:40:38,889 DEBUG 
[org.jboss.resource.adapter.jdbc.local.LocalManagedConnectionFactory] Using 
properties: {user=postgres, password=--hidden--}
2004-09-24 08:40:38,889 DEBUG 
[org.jboss.resource.adapter.jdbc.local.LocalManagedConnectionFactory] Checking driver 
for URL: jdbc:postgresql://172.16.1.16:5432/histosec
2004-09-24 08:40:38,889 DEBUG 
[org.jboss.resource.adapter.jdbc.local.LocalManagedConnectionFactory] Driver not yet 
registered for url: jdbc:postgresql://172.16.1.16:5432/histosec
2004-09-24 08:40:38,905 DEBUG 
[org.jboss.resource.adapter.jdbc.local.LocalManagedConnectionFactory] Driver already 
registered for url: jdbc:postgresql://172.16.1.16:5432/histosec
2004-09-24 08:40:39,045 DEBUG [org.jboss.security.auth.spi.DatabaseServerLoginModule] 
Bad password for username=kmarcos
2004-09-24 08:40:39,045 DEBUG 
[org.jboss.security.plugins.JaasSecurityManager.saih-admon] Login failure
javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
        at 
org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:160)
....
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)
        at java.lang.Thread.run(Thread.java:534)
2004-09-24 08:40:39,045 INFO  [STDOUT] entra al action orig
2004-09-24 08:40:39,045 INFO  [STDOUT] login error param value parameter loginError
2004-09-24 08:40:39,045 INFO  [STDOUT] login error j_username kmarcos
2004-09-24 08:40:39,045 INFO  [STDOUT] login error j_passwordk
2004-09-24 08:40:39,045 INFO  [STDOUT] login error orig
2004-09-24 08:40:39,045 INFO  [STDOUT] empty


log when user/passwd is ok
2004-09-24 08:49:27,780 INFO  [STDOUT] entra al action orig
2004-09-24 08:49:27,780 INFO  [STDOUT] login error param value parameter null
2004-09-24 08:49:27,780 INFO  [STDOUT] login error j_username null
2004-09-24 08:49:27,780 INFO  [STDOUT] login error j_passwordnull
2004-09-24 08:49:27,780 INFO  [STDOUT] ok en action orig

View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3849456#3849456

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3849456


-------------------------------------------------------
This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170
Project Admins to receive an Apple iPod Mini FREE for your judgement on
who ports your project to Linux PPC the best. Sponsored by IBM.
Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

[JBoss-user] [Security & JAAS/JBoss] - UsersRolesLoginModule works ok but DatabaseServerLoginModule

Reply via email to