Version 3

    How To Configure a Secure Application Using MySQL

     

    We will use JbossDukesBank for this “How To”, but any other application with a login page will do.

     

    1.     Create the database tables for users and roles in MySQL. From the command line run:

    •      CREATE DATABASE securedb;

    •      GRANT ALL PRIVILEGES ON securedb.* TO securedb@localhost IDENTIFIED BY 'password';

    •      CREATE TABLE Principals (PrincipalID VARCHAR (64) PRIMARY KEY, Password VARCHAR (64));

    •      CREATE TABLE Roles (PrincipalID VARCHAR (64), Role VARCHAR (64), RoleGroup VARCHAR (64));

    •      INSERT INTO Principals VALUES ('200', 'j2ee');

    •      INSERT INTO Roles VALUES ('200', 'bankCustomer', 'Roles');

    •      INSERT INTO Roles VALUES ('200', '200', 'CallerPrincipal');

     

    2.     Create mysql-ds.xml and put it in the deploy directory.

     

    3.     login-config.xml

    This file is located in \server\default\conf,

    add the following lines

    .

     

    5.     Create a file auth.conf and place it in jboss-4.x\client:

    client-login

    {

    org.jboss.security.ClientLoginModule required;

    };

     

    dukesbank

    {

    org.jboss.security.ClientLoginModule required;

    org.jboss.security.auth.spi.DatabaseServerLoginModule required;

    };

     

    6.     Create another auth.conf and place it in \default\conf

    client-login

    {

    org.jboss.security.ClientLoginModule required;

    };

    dukesbank

    {

    org.jboss.security.ClientLoginModule required;

    org.jboss.security.auth.spi.DatabaseServerLoginModule required

    dsJndiName="java:/SybaseDB"

    principalsQuery="Select Password from Principals where PrincipalID =?"

    rolesQuery="Select Role 'Roles', RoleGroup 'RoleGroups' from Roles where PrincipalID =?";

    };

     

    7.     Check that the jndi.properties file located in server\default\conf is as follows:

    java.naming.factory.initial=org.jnp.interfaces.NamingContextFactory

    java.naming.factory.url.pkgs=org.jboss.naming:org.jnp.interfaces

    # Do NOT uncomment this line as it causes in VM calls to go over

    # RMI!

    java.naming.provider.url=localhost:1099

    # localhost

     

     

    8.     Place the following code in your web.xml:

       <security-constraint>

            <display-name>SecurityConstraint</display-name>

            <web-resource-collection>

                <web-resource-name>WRCollection</web-resource-name>

                <url-pattern>/transferAck</url-pattern>

                <url-pattern>/main</url-pattern>

                <url-pattern>/atmAck</url-pattern>

                <url-pattern>/accountList</url-pattern>

                <url-pattern>/accountHist</url-pattern>

                <url-pattern>/transferFunds</url-pattern>

                <url-pattern>/atm</url-pattern>

                <http-method>POST</http-method>

                <http-method>GET</http-method>

            </web-resource-collection>

            <auth-constraint>

                <role-name>bankCustomer</role-name>

              </auth-constraint>

            <user-data-constraint>

                <transport-guarantee>NONE</transport-guarantee>

            </user-data-constraint>

        </security-constraint>

     

        <login-config>

            <realm-name>JAAS Tutorial Servlets</realm-name>

            <auth-method>FORM</auth-method>

            <form-login-config>

                <form-login-page>/logon.jsp</form-login-page>

                <form-error-page>/logonError.jsp</form-error-page>

            </form-login-config>

        </login-config>

        <security-role>

            <role-name>bankCustomer</role-name>

        </security-role>
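
    A quick way to review the step 8 descriptor before deploying it, as an added example that is not part of the original how-to: the Python script below parses a web.xml and reports three things this fragment depends on, namely whether FORM or BASIC credentials travel without a transport guarantee, whether listing http-method elements leaves other methods unconstrained, and whether every role in an auth-constraint is declared in a security-role. The function name audit_web_xml and the finding codes are hypothetical, and SAMPLE is a constructed, trimmed copy of the fragment above.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a trimmed copy of the step 8 fragment, wrapped in a
# <web-app> root so that it parses as one document.
SAMPLE = """<web-app>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>WRCollection</web-resource-name>
      <url-pattern>/main</url-pattern>
      <http-method>POST</http-method>
      <http-method>GET</http-method>
    </web-resource-collection>
    <auth-constraint><role-name>bankCustomer</role-name></auth-constraint>
    <user-data-constraint>
      <transport-guarantee>NONE</transport-guarantee>
    </user-data-constraint>
  </security-constraint>
  <login-config><auth-method>FORM</auth-method></login-config>
  <security-role><role-name>bankCustomer</role-name></security-role>
</web-app>"""

def audit_web_xml(text):
    """Return a list of finding codes (hypothetical names) for a web.xml."""
    root = ET.fromstring(text)
    for el in root.iter():                      # drop XML namespaces, if any
        el.tag = el.tag.rsplit("}", 1)[-1]
    findings = []
    declared = {r.findtext("role-name", "").strip()
                for r in root.iter("security-role")}
    auth = (root.findtext("login-config/auth-method") or "").strip()
    for sc in root.iter("security-constraint"):
        guarantee = (sc.findtext("user-data-constraint/transport-guarantee")
                     or "NONE").strip()
        # FORM and BASIC send the password in the request itself.
        if guarantee == "NONE" and auth in ("FORM", "BASIC"):
            findings.append("cleartext-credentials")
        # Listing methods limits the constraint to them; others stay open.
        if sc.find("web-resource-collection/http-method") is not None:
            findings.append("unlisted-methods-unconstrained")
        for role in sc.iter("role-name"):
            name = (role.text or "").strip()
            if name not in declared:
                findings.append("undeclared-role:" + name)
    return findings

if __name__ == "__main__":
    print(audit_web_xml(SAMPLE))
```

    For the fragment in step 8, the first finding goes away when transport-guarantee is CONFIDENTIAL and the second when the http-method elements are removed so that the constraint covers every method.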