1 Reply Latest reply on Jun 6, 2003 6:06 PM by lguan

    DatabaseServerLoginModule not taking dsJndiName in config

    lguan
    lguan Jun 6, 2003 2:16 PM

      I am running Scott Stark's JAAS examples on Jboss3.2.1 using the DatabaseServerLoginModule to an oracle database. I modified login-config.xml to use java:/OracleDS, however the DatabaseServerLoginModule insists looking into the default datasource (java:/DefaultDS). I added some debug trace to DatabaseServerLoginModule.java and found that none of the module-option parameters were passed to the initialization of the module. Following are my configuration settings, can someone tell me what I did wrong? Thanks in advance.

      1. jboss.xml in the bean jar:


      <security-domain>java:/jaas/example2</security-domain>
      <enterprise-beans>

      <ejb-name>PublicSession</ejb-name>
      <jndi-name>example1/PublicSession</jndi-name>


      <ejb-name>PrivateSession</ejb-name>
      <jndi-name>example2/PrivateSession</jndi-name>

      </enterprise-beans>



      2. $JBOSS_HOME/server/default/conf/login-config.xml:

      <application-policy name = "example2">

      <login-module code= "org.jboss.security.auth.spi.DatabaseServerLoginModule"
      flag = "required" />
      <module-option name = "dsJndiName">java:/OracleDS</module-option>
      <module-option name = "principalsQuery">select Password from Principals where PrincipalID=?</module-option>
      <module-option name = "rolesQuery">select Role, RoleGroup from Roles where PrincipalID=?</module-option>

      </application-policy>

      3. $JBOSS_HOME/client/auth.conf:

      other
      {
      // default client-login module
      org.jboss.security.ClientLoginModule required
      ;
      };


      4. $JBOSS_HOME/server/default/conf/auth.conf:

      example2 {
      org.jboss.security.auth.spi.DatabaseServerLoginModule required
      dsJndiName="java:/OracleDS"
      principalsQuery="select Password from Principals where PrincipalID=?"
      rolesQuery="select Role, RoleGroup from Roles where PrincipalID=?"
      unauthenticatedIdentity=nobody
      ;
      };

      other {
      org.jboss.security.ClientLoginModule required
      ;
      org.jboss.security.auth.spi.DatabaseServerLoginModule required
      dsJndiName="java:/OracleDS"
      principalsQuery="select Password from Principals where PrincipalID=?"
      rolesQuery="select Role, RoleGroup from Roles where PrincipalID=?"
      unauthenticatedIdentity=nobody
      ;
      };

      (is this the right place to drop auth.conf on the server side? It contains duplicate information that's already in login-config.xml, is this file necessary?):


      • 2004 Views
      • Tags:
        • 1. Re: DatabaseServerLoginModule not taking dsJndiName in confi
          lguan
          lguan Jun 6, 2003 6:06 PM (in response to lguan)

          Whoops - my login-config.xml was bad,

          <login-module code= "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required" />
          <module-option ...>

          Should have been,

          <login-module code= "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required" >
          <module-option ...>
          </login-module>

          The sample worked perfect after this fix.

            • Actions