How To Configure Secure Application Using MySQL
We will use JbossDukesBank for this "How To", but any other application with a login page will do.
1. Create the users and roles database tables in MySQL. From the command line run:
CREATE DATABASE securedb;
GRANT ALL PRIVILEGES ON securedb.* TO securedb@localhost IDENTIFIED BY 'password';
-- Select the new database before creating the tables
USE securedb;
-- One row per user: login name and password
CREATE TABLE Principals (PrincipalID VARCHAR (64) PRIMARY KEY,
Password VARCHAR (64));
-- One row per role assigned to a user
CREATE TABLE Roles (PrincipalID VARCHAR (64), Role
VARCHAR (64), RoleGroup VARCHAR (64));
INSERT INTO Principals VALUES ('200', 'j2ee');
INSERT INTO Roles VALUES ('200', 'bankCustomer', 'Roles');
INSERT INTO Roles VALUES ('200', '200', 'CallerPrincipal');
2. Create mysql-ds.xml and put it in the deploy directory.
3. login-config.xml
This file is located in \server\default\conf,
add the following lines
.
5. Create a file auth.conf and place it in jboss-4.x\client,
client-login
{
org.jboss.security.ClientLoginModule required;
};
dukesbank
{
org.jboss.security.ClientLoginModule required;
org.jboss.security.auth.spi.DatabaseServerLoginModule required;
};
6. Create another auth.conf and place it in \default\conf
client-login
{
org.jboss.security.ClientLoginModule required;
};
dukesbank
{
org.jboss.security.ClientLoginModule required;
org.jboss.security.auth.spi.DatabaseServerLoginModule
required
// dsJndiName must match the jndi-name declared in mysql-ds.xml
dsJndiName="java:/SybaseDB"
principalsQuery="Select Password from Principals where PrincipalID =?"
rolesQuery="Select Role 'Roles', RoleGroup 'RoleGroups' from Roles where PrincipalID =?";
};
7. Check that the jndi.properties file located in server\default\conf is as follows:
java.naming.factory.initial=org.jnp.interfaces.NamingContextFactory
java.naming.factory.url.pkgs=org.jboss.naming:org.jnp.interfaces
# Do NOT uncomment this line as it causes in VM calls to go over
# RMI!
#java.naming.provider.url=localhost:1099
8. Place the following code in your web.xml:
<security-constraint>
<display-name>SecurityConstraint</display-name>
<web-resource-collection>
<web-resource-name>WRCollection</web-resource-name>
<url-pattern>/transferAck</url-pattern>
<url-pattern>/main</url-pattern>
<url-pattern>/atmAck</url-pattern>
<url-pattern>/accountList</url-pattern>
<url-pattern>/accountHist</url-pattern>
<url-pattern>/transferFunds</url-pattern>
<url-pattern>/atm</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>bankCustomer</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<realm-name>JAAS Tutorial Servlets</realm-name>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/logon.jsp</form-login-page>
<form-error-page>/logonError.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>bankCustomer</role-name>
</security-role>
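An added check, not part of the original how-to: in the web.xml above, listing http-method elements limits the constraint to those methods only, and a transport-guarantee of NONE lets the FORM login travel without TLS. The script flags both conditions; the embedded descriptor is a constructed, trimmed copy of step 8, and audit_web_xml is a hypothetical helper name.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the constraint from step 8, trimmed to two URL patterns
# and wrapped in a <web-app> root so that it parses on its own.
SAMPLE_WEB_XML = """<web-app>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>WRCollection</web-resource-name>
      <url-pattern>/main</url-pattern>
      <url-pattern>/atm</url-pattern>
      <http-method>POST</http-method>
      <http-method>GET</http-method>
    </web-resource-collection>
    <auth-constraint><role-name>bankCustomer</role-name></auth-constraint>
    <user-data-constraint>
      <transport-guarantee>NONE</transport-guarantee>
    </user-data-constraint>
  </security-constraint>
  <login-config><auth-method>FORM</auth-method></login-config>
</web-app>"""

def local(tag):
    """Drop an XML namespace prefix so namespaced descriptors also match."""
    return tag.rsplit("}", 1)[-1]

def audit_web_xml(xml_text):
    """Return (url_patterns, finding) tuples for risky security constraints."""
    root = ET.fromstring(xml_text)
    texts = lambda node, name: [e.text.strip() for e in node.iter()
                                if local(e.tag) == name and e.text]
    auth_method = (texts(root, "auth-method") or ["(none)"])[0]
    findings = []
    for sc in (e for e in root.iter() if local(e.tag) == "security-constraint"):
        urls = tuple(texts(sc, "url-pattern"))
        methods = texts(sc, "http-method")
        if methods:
            # Listed methods narrow the constraint to exactly those methods.
            findings.append((urls, "only %s covered; other HTTP methods are not "
                             "subject to this auth-constraint" % "/".join(methods)))
        guarantee = (texts(sc, "transport-guarantee") or ["NONE"])[0]
        if guarantee == "NONE":
            findings.append((urls, "transport-guarantee NONE: %s credentials and the "
                             "session cookie are not required to use TLS" % auth_method))
    return findings

if __name__ == "__main__":
    for urls, finding in audit_web_xml(SAMPLE_WEB_XML):
        print(", ".join(urls), "->", finding)
```

Removing the http-method elements makes the constraint apply to every method, and setting transport-guarantee to CONFIDENTIAL makes the container require TLS for the protected URLs; with both changes the audit returns no findings.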