First, thanks for replying. I hope you are able to solve my problem.
............................
I am using form based authentication.
Essentially the username and password are grabbed via an HTML form. Here's the code
for my .vm template.
******************login.vm**************************************
| <form action="/megs/logincheck.action?view=overview" method="post">
| <table>
| <tr class="trCaption">
| <td color="white">UserName :</td>
| <input type="text" name="user" size="12"/>
| </tr>
| <tr class="trCaption">
| <td color="white">Password :</td>
| <input type="password" name="password" size="12"/>
| </tr>
| <tr>
| <td>
| <input type="submit" value="Login"/>
| </td>
| </tr>
| </table>
| </form>
|
************************************************************
On submit, this calls the Servlet LoginCheckAction which loads the loginmodules
via LoginContext and performs authentication as shown below:
*******************LoginCheckAction.java***************
| public class LoginCheckAction extends ActionSupport
| {..............
| ..........................
| ......................
| static class AppCallbackHandler implements CallbackHandler
| {
| private String uname;
| private char[] pass;
|
| public AppCallbackHandler(String uname, char[] pass)
| {
| System.out.println("The username is: " + uname);
| System.out.println("The password is: " + pass);
| this.uname = uname;
| this.pass = pass;
| }
|
| public void handle(Callback[] callbacks) throws
| java.io.IOException, UnsupportedCallbackException
| {
| for (int i = 0; i < callbacks.length; i++)
| {
| if (callbacks[i] instanceof NameCallback)
| {
| NameCallback nc = (NameCallback) callbacks[i];
| nc.setName(uname);
| }
| else if (callbacks[i] instanceof PasswordCallback)
| {
| PasswordCallback pc = (PasswordCallback) callbacks[i];
| pc.setPassword(pass);
| }
| else
| {
| throw new UnsupportedCallbackException(callbacks[i],
| "Unrecognized Callback");
| }
| }
| }
| }
|
| public String execute() throws Exception
| {
| char[] passwordarray = getPassword().toCharArray();
| try
| {
| AppCallbackHandler handler = new
| AppCallbackHandler(getUser(), passwordarray);
| lc = new LoginContext("megs", handler);
| System.out.println("Created LoginContext");
| lc.login();
|
|
| }
| catch (FailedLoginException le)
| {
| System.out.println("Login failed for Username :" + getUser());
| System.out.println("Please check your username and password");
| return "accessdenied";
| }
| System.out.println("LoginCheckAction executed"); //This is printed
|
| HttpServletResponse response = ServletActionContext.getResponse();
| response.sendRedirect("/megs/overview.action?view=overview");
|
| return SUCCESS;
| }
|
|
| .................
| ..................................
|
****************************************************************
This executes properly as the last line is printed, so I am sure the login
succeeds. After that there is a redirect to the next servlet,
OverviewAction.java, which is where the problem occurs.
*********************OverviewAction.java******************
| ....................
| ...................................
| public String execute() throws Exception
| {
| ActionContext.getContext().getApplication().put("view", view);
| ActionContext.getContext().getApplication().put("submenu", "");
| System.out.println("The view in overviewaction is:" + view);
|
| //EXCEPTION IS THROWN AT THIS LINE
| setRegions(BeanUtil.getRegion().getRegionDevices());
| ..................
| .............
| }
| ...............
| ...................................
|
*************************************************************
The exception is thrown when the OverviewAction servlet tries to call the
create method of the Region bean. :(
And here is my web.xml. I am not very sure if I have it configured correctly;
maybe the problem lies in that.
It does include the login-config information. I tried using both BASIC and
FORM; it doesn't make any difference though.
*****************************web.xml**********************
| <web-app>
| <display-name>Enterprise Management Console</display-name>
| ..........................................
| ......................................................
| ......................................................
| <servlet>
| <servlet-name>admin</servlet-name>
| <servlet-class>
| com.megs.management.servlets.AdminAction
| </servlet-class>
| </servlet>
|
| <servlet>
| <servlet-name>overview</servlet-name>
| <servlet-class>
| com.megs.management.servlets.OverviewAction
| </servlet-class>
| </servlet>
|
| <servlet>
| <servlet-name>logincheck</servlet-name>
| <servlet-class>
| com.megs.management.servlets.LoginCheckAction
| </servlet-class>
| </servlet>
|
| <servlet-mapping>
| <servlet-name>logincheck</servlet-name>
| <url-pattern>/restricted/logincheck</url-pattern>
| </servlet-mapping>
|
| <servlet-mapping>
| <servlet-name>overview</servlet-name>
| <url-pattern>/restricted/overview</url-pattern>
| </servlet-mapping>
|
| <servlet-mapping>
| <servlet-name>admin</servlet-name>
| <url-pattern>/restricted/admin</url-pattern>
| </servlet-mapping>
|
| <security-constraint>
| <web-resource-collection>
| <web-resource-name>Secure Access</web-resource-name>
| <url-pattern>/restricted/*</url-pattern>
| <http-method>HEAD</http-method>
| <http-method>GET</http-method>
| <http-method>POST</http-method>
| <http-method>PUT</http-method>
| <http-method>DELETE</http-method>
| </web-resource-collection>
| <auth-constraint>
| <role-name>ManageUsers</role-name>
| </auth-constraint>
| <user-data-constraint>
| <description>no description</description>
| <transport-guarantee>NONE</transport-guarantee>
| </user-data-constraint>
| </security-constraint>
|
| <login-config>
| <auth-method>FORM</auth-method>
| <realm-name>megs</realm-name>
| </login-config>
|
| <security-role>
| <description>The role required to access restricted content</description>
| <role-name>ManageUsers</role-name>
| </security-role>
|
| .......................................................
| ......................................
|
********************************************************
Am I missing some information here :( ? Or do I have it configured wrong? If
you need any more information, please let me know.
I hope you can spot where I am going wrong.
Thanks again.
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3899878#3899878
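
For comparison, container-managed FORM login as the Servlet specification defines it, where the container rather than application code collects the credentials and establishes the caller for later requests. This is an added example, not the poster's configuration: `/login.html` and `/loginerror.html` are hypothetical page names, while the role, realm and URL pattern are copied from the web.xml in the post.

```xml
<!-- Added example (not the poster's configuration). /login.html and
     /loginerror.html are hypothetical pages; the role name, realm name
     and /restricted/* pattern are taken from the post. -->
<security-constraint>
  <web-resource-collection>
    <web-resource-name>Secure Access</web-resource-name>
    <url-pattern>/restricted/*</url-pattern>
    <!-- No <http-method> elements: the constraint then covers every
         HTTP method, not only the ones that happen to be listed. -->
  </web-resource-collection>
  <auth-constraint>
    <role-name>ManageUsers</role-name>
  </auth-constraint>
  <user-data-constraint>
    <!-- CONFIDENTIAL makes the container require TLS for these URLs,
         so the submitted password is not sent in clear text. -->
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
</security-constraint>

<login-config>
  <auth-method>FORM</auth-method>
  <realm-name>megs</realm-name>
  <form-login-config>
    <!-- The form on this page must POST to j_security_check with
         fields named j_username and j_password. -->
    <form-login-page>/login.html</form-login-page>
    <form-error-page>/loginerror.html</form-error-page>
  </form-login-config>
</login-config>

<security-role>
  <role-name>ManageUsers</role-name>
</security-role>
```

With this layout the login form is only shown when an unauthenticated request hits a URL under `/restricted/*`, and the submitted URL has to fall under that pattern for the constraint to apply.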