I have been trying to use DatabaseServerLogin. I am appending the login-config.xml, the login.jsp, the web.xml and the extract from the server log. (I turned on security debugging). I have a table called Principals with fields PrincipalID and Password in my database, and a table called Roles with fields called PrincipalID, Role, RoleGroup.
To deal with the login link problem, I have a link that connects to a signin.jsp page that is protected. When you try to link to it, the login.jsp page is invoked. When I try to give the wrong password/ userID it correctly routes me to login-error.html When I try to login correctly, it gives me a 403 error "HTTP Status 403 - Access to the requested resource has been denied". I checked the server log and it seems that I was authenticated but not authorized. What has to be done to "authorize" me? I could not find any documentation that explicitly tells me to authorize, when logging in. <!!!! Server log excerpt > file:/C:/aptsi_home/jboss/jboss-3.2.3/server/default/deploy/tsm.ear 2005-12-06 16:11:23,687 DEBUG [org.jboss.resource.connectionmanager.IdleRemover] run: IdleRemover notifying pools, interval: 450000 2005-12-06 16:12:17,421 TRACE [org.jboss.web.tomcat.security.SecurityAssociationValve] default, runAs: null 2005-12-06 16:12:17,484 TRACE [org.jboss.web.tomcat.security.SecurityAssociationValve] default, runAs: null 2005-12-06 16:12:17,515 TRACE [org.jboss.web.tomcat.security.SecurityAssociationValve] default, runAs: null 2005-12-06 16:12:17,515 TRACE [org.jboss.web.tomcat.security.SecurityAssociationValve] default, runAs: null 2005-12-06 16:12:17,531 TRACE [org.jboss.web.tomcat.security.SecurityAssociationValve] default, runAs: null 2005-12-06 16:12:17,562 TRACE [org.jboss.web.tomcat.security.SecurityAssociationValve] default, runAs: null 2005-12-06 16:12:17,578 TRACE [org.jboss.web.tomcat.security.SecurityAssociationValve] default, runAs: null 2005-12-06 16:12:17,578 TRACE [org.jboss.web.tomcat.security.SecurityAssociationValve] default, runAs: null 2005-12-06 16:12:17,609 TRACE [org.jboss.web.tomcat.security.SecurityAssociationValve] default, runAs: null 2005-12-06 16:12:17,625 TRACE [org.jboss.web.tomcat.security.SecurityAssociationValve] default, runAs: null 2005-12-06 16:12:19,125 TRACE [org.jboss.web.tomcat.security.SecurityAssociationValve] jsp, runAs: null 2005-12-06 16:12:19,140 TRACE [org.jboss.web.tomcat.security.SecurityAssociationValve] jsp, runAs: null 2005-12-06 16:12:20,953 INFO [STDOUT] in < JDBCConnectionManager's connect: 1 > 2005-12-06 16:12:20,953 INFO [STDOUT] in < JDBCConnectionManager's reg Driver > 2005-12-06 16:12:20,968 INFO [STDOUT] Successful registration 2005-12-06 16:12:20,968 INFO [STDOUT] in < JDBCConnectionManager's connect: 2 > 2005-12-06 16:12:21,125 INFO [STDOUT] in < JDBCConnectionManager's connect: 3 > 2005-12-06 16:12:21,125 INFO [STDOUT] in < JDBCConnectionManager's connect: 1 > 2005-12-06 16:12:21,125 INFO [STDOUT] in < JDBCConnectionManager's reg Driver > 2005-12-06 16:12:21,125 INFO [STDOUT] Successful registration 2005-12-06 16:12:21,125 INFO [STDOUT] in < JDBCConnectionManager's connect: 2 > 2005-12-06 16:12:21,140 INFO [STDOUT] in < JDBCConnectionManager's connect: 3 > 2005-12-06 16:12:21,140 INFO [STDOUT] sucess in init trying to createStatement 2005-12-06 16:12:21,140 INFO [org.jboss.web.localhost.Engine] jsp: Hello World 2005-12-06 16:12:21,140 INFO [STDOUT] Help! 2005-12-06 16:12:21,140 INFO [STDOUT] The User Name is null 2005-12-06 16:12:21,187 TRACE [org.jboss.web.tomcat.security.SecurityAssociationValve] default, runAs: null 2005-12-06 16:12:28,578 TRACE [org.jboss.web.tomcat.security.SecurityAssociationValve] default, runAs: null 2005-12-06 16:12:28,578 TRACE [org.jboss.web.tomcat.security.JBossSecurityMgrRealm] Begin authenticate, username=root 2005-12-06 16:12:28,578 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] logout 2005-12-06 16:12:28,578 TRACE Web.xml: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd";> <web-app> <!-- - Deployment descriptor for an authenticated - section of the web site. --> <display-name>ial</display-name> "test" <welcome-file-list> <welcome-file>home.htm</welcome-file> </welcome-file-list> <resource-ref> <res-ref-name>jdbc/mySQL</res-ref-name> <res-type>javax.sql.DataSource</res-type> <res-auth>Container</res-auth> </resource-ref> <security-constraint> <web-resource-collection> <web-resource-name>Restricted</web-resource-name> Declarative security <url-pattern>/signin.jsp</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <auth-constraint> <role-name>user</role-name> </auth-constraint> <user-data-constraint> No descrp <transport-guarantee>NONE</transport-guarantee> </user-data-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <realm-name>ial</realm-name> <form-login-config> <form-login-page>/login.jsp</form-login-page> <form-error-page>/login_error.htm</form-error-page> </form-login-config> </login-config> <security-role> <role-name>ial</role-name> </security-role> <security-role> <role-name>user</role-name> </security-role> </web-app> <!!!! login-config.xml excerpt> <application-policy name="other"> <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required"> <module-option name="unauthenticatedIdentity">guest</module-option> <module-option name="dsJndiName">java:/mySQL</module-option> <module-option name="principalsQuery">select Password from Principals where PrincipalID=?</module-option> <module-option name="rolesQuery">select Role,RoleGroup from Roles where PrincipalID=?</module-option> </login-module> </application-policy> <!-- Security domains for testing new jca framework --> <application-policy name = "MySqlDbRealm"> <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule" flag = "required"> <module-option name ="principal">aptsi_dev</module-option> <module-option name ="userName">root</module-option> <module-option name ="password">aptsi</module-option> <module-option name ="managedConnectionFactoryName"> jboss.jca:service=LocalTxCM,name=mySQL </module-option> </login-module> </application-policy> <!!!! Login.jsp Excerpt> <form id="data-entryForm" method="POST" action='<%= response.encodeURL( "j_security_check" ) %>'> User Login User Name Password Login Reset <!----- my-sql.ds excerpt --> <local-tx-datasource> <jndi-name>mySQL</jndi-name> <connection-url>jdbc:mysql://localhost:3306/idmgmt</connection-url> <driver-class>com.mysql.jdbc.Driver</driver-class> <user-name>root</user-name> aptsi </local-tx-datasource> View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3911007#3911007 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3911007 ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
