Problem using DatabaseSeverLoginModule
rvaneperen Dec 10, 2002 12:58 PMI am relatively new to Java, and very new to JBoss/JAAS. I am trying to implement a simple username/password database login in a web application.
I have the following entries in jboss-service.xml:
jboss.security:service=XMLLoginConfig
login-config.xml
<!-- JAAS security manager and realm mapping -->
org.jboss.security.plugins.JaasSecurityManager
I have the following entries in login-config.xml (this is the only entry in the file):
<application-policy name = "argo-login">
<login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required">
<module-option name="dsJNDIName">java:SecurityDS</module-option>
<module-option name="principlesQuery">select password from app_user where login_name = ?</module-option>
<module-option name="rolesQuery">select authorization_name, 'Roles' from v_user_authorization where login_name = ?</module-option>
</login-module>
</application-policy>
When I execute the following lines in my servlet:
AppCallbackHandler handler = new AppCallbackHandler(credentials.getUserName(), credentials.getPassword());
LoginContext lc = new LoginContext("argo-login", handler);
lc.login();
I get the following error:
11:46:05,882 ERROR [DatabaseServerLoginModule] Query failed
java.sql.SQLException: Table not found: PRINCIPALS in statement [select Password from Principals where PrincipalID='rvaneperen']
at org.hsqldb.Trace.getError(Trace.java:180)
at org.hsqldb.Result.(Result.java:175)
at org.hsqldb.jdbcConnection.executeHSQL(jdbcConnection.java:907)
at org.hsqldb.jdbcConnection.execute(jdbcConnection.java:718)
at org.hsqldb.jdbcStatement.fetchResult(jdbcStatement.java:686)
at org.hsqldb.jdbcStatement.executeQuery(jdbcStatement.java:68)
at org.hsqldb.jdbcPreparedStatement.executeQuery(jdbcPreparedStatement.java:133)
at org.jboss.resource.adapter.jdbc.local.LocalPreparedStatement.executeQuery(LocalPreparedStatement.java:289)
at org.jboss.security.auth.spi.DatabaseServerLoginModule.getUsersPassword(DatabaseServerLoginModule.java:100)
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:143)
at java.lang.reflect.Method.invoke(Native Method)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:664)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:599)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:596)
at javax.security.auth.login.LoginContext.login(LoginContext.java:523)
at com.parago.common.web.servlet.ArgoControl.validateCredentials(ArgoControl.java:115)
Why isn't it using the query I have defined? I've read through the JBossBook_30x.pdf, and can't see what I'm missing.