Hello there,
Here is what i am doing....
My login-config.xml is,
<application-policy name = "mtswebportal">
<login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag =
"required">
<module-option name = "dsJndiName">java:/mtswebportal</module-option>
<module-option name = "principalsQuery">SELECT PASS FROM users WHERE
LOGIN=?</module-option>
<module-option name = "rolesQuery">SELECT ROLE, 'Roles' FROM users WHERE
LOGIN=?</module-option>
<module-option name = "unauthenticatedIdentity">anonymouse</module-option>
</login-module>
</application-policy>
2. My web.xml is,
<?xml version="1.0" encoding="ISO-8859-1" ?>
<!DOCTYPE web-app
PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd";>
<web-app>
<display-name>Hello World Login Test Application</display-name>
<servlet-name>action</servlet-name>
<servlet-class>
org.apache.struts.action.ActionServlet
</servlet-class>
<init-param>
<param-name>config</param-name>
<param-value>/WEB-INF/struts-config.xml</param-value>
</init-param>
<init-param>
<param-name>debug</param-name>
<param-value>3</param-value>
</init-param>
<init-param>
<param-name>detail</param-name>
<param-value>3</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
<servlet-mapping>
<servlet-name>action</servlet-name>
<url-pattern>*.do</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<security-constraint>
<display-name>Server Configuration Security Constraint</display-name>
<!-- the collection of resources to which the sucurity constraint
applies -->
<web-resource-collection>
<web-resource-name>Secure Resources</web-resource-name>
Security constraint for all resources
<!-- the pattern that this constraint applies to -->
<url-pattern>/*</url-pattern>
<!-- the HTTP methods that this constraint applies to -->
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<!-- the user roles that should be permitted access to this resource
collection -->
<auth-constraint>
Only allow those users that are in the following role
<role-name>user</role-name>
</auth-constraint>
<!-- declare a transport guarantee, if any -->
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>mtswebportal</realm-name>
<form-login-config>
<form-login-page>/LoginFormDetails.jsp</form-login-page>
<form-error-page>/LoginFormDetails.jsp</form-error-page>
</form-login-config>
</login-config>
<taglib-uri>/WEB-INF/struts-html.tld</taglib-uri>
<taglib-location>/WEB-INF/struts-html.tld</taglib-location>
<taglib-uri>/WEB-INF/struts-bean.tld</taglib-uri>
<taglib-location>/WEB-INF/struts-bean.tld</taglib-location>
</web-app>
3. My jboss-web.xml is...
<?xml version="1.0"?>
<!DOCTYPE jboss-web
PUBLIC "-//JBoss//DTD Web Application 2.3//EN"
"http://www.jboss.org/j2ee/dtd/jboss-web_4_0.dtd";>
<jboss-web>
<!-- tell jboss what realm to use for authentication -->
<security-domain>java:/jaas/mtswebportal</security-domain>
</jboss-web>
4. My jboss.xml is...
<?xml version="1.0"?>
<!DOCTYPE jboss
PUBLIC "-//JBoss//DTD Web Application 2.3//EN"
"http://www.jboss.org/j2ee/dtd/jboss_4_0.dtd";>
<jboss-web>
<!-- tell jboss what realm to use for authentication -->
<security-domain>java:/jaas/mtswebportal</security-domain>
</jboss-web>
5. My LoginFormDetails.jsp is
<%@ page contentType="text/html; charset=UTF-8" %>
<%@ page language="java" %>
Hello VIJAY
<!-- To prevent caching -->
<%
response.setHeader("Cache-Control","no-cache"); // HTTP 1.1
response.setHeader("Pragma","no-cache"); // HTTP 1.0
response.setDateHeader ("Expires", -1); // Prevents caching at
the proxy server
%>
function submitForm() {
var frm = document. logonForm;
// Check if all the required fields have been entered by the
user before
// submitting the form
if( frm.j_username.value == "" ) {
alert("blank");
frm.j_username.focus();
return ;
}
if( frm.j_password.value == "" ) {
alert("blank");
frm.j_password.focus();
return ;
}
frm.submit();
}
<FORM name="logonForm" action="/j_security_check" METHOD=POST>
<INPUT type="text"
name="j_username" maxlength=20>
<INPUT type="password"
name="j_password" maxlength=20 >
6. My mssql-ds.xml is...
<local-tx-datasource>
<jndi-name>mtswebportal</jndi-name>
<connection-url>jdbc:microsoft:sqlserver://ausblqa1:1433;DatabaseName=webportal</connection-url>
<driver-class>com.microsoft.jdbc.sqlserver.SQLServerDriver</driver-class>
<user-name>jboss</user-name>
ijboss#1
<prepared-statement-cache-size>50</prepared-statement-cache-size>
<min-pool-size>5</min-pool-size>
<max-pool-size>50</max-pool-size>
<idle-timeout-minutes>15</idle-timeout-minutes>
<track-statements>false</track-statements>
<!-- sql to call when connection is created
<new-connection-sql>some arbitrary sql</new-connection-sql>
-->
<!-- sql to call on an existing pooled connection when it is obtained from pool
<check-valid-connection-sql>some arbitrary sql</check-valid-connection-sql>
-->
<!-- corresponding type-mapping in the standardjbosscmp-jdbc.xml (optional) -->
<type-mapping>MS SQLSERVER2000</type-mapping>
</local-tx-datasource>
What should be my ActionForm and Action ?
What i need to do ??
Do i have to handle the login in my action ?
or JBOSS will automatically authenticate the user by the time the control gets to
Action.
Please help me.
Thanks.
VV.
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3852850#3852850
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3852850
-------------------------------------------------------
This SF.Net email is sponsored by:
Sybase ASE Linux Express Edition - download now for FREE
LinuxWorld Reader's Choice Award Winner for best database on Linux.
http://ads.osdn.com/?ad_id=5588&alloc_id=12065&op=click
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
