5 Replies Latest reply on Aug 12, 2003 1:06 PM by sradford

    JBoss MySQL Authentication

    belfast

      I have the jboss docs (which are pretty good) but they don't seem to be helping me figure out my error in using MySQL (4.1) with JBoss3.2rc1/tomcat4.1.24 (on XP Pro)

      I have followed all that is written, and my struts application (which works fine on tomcat alone) doesn't work (with auth)
      I am using form based auth with /j_security_check

      Any hints would be great, as the logs don't seem to be helping me at all.


      thanks in advance...



      my mysql-ds.xml file
      -------------------

      <local-tx-datasource>
      <jndi-name>jbossDS</jndi-name>
      <connection-url>jdbc:mysql://localhost:3306/jbossdb</connection-url>
      <driver-class>org.gjt.mm.mysql.Driver</driver-class>
      <user-name>jboss</user-name>
      password
      </local-tx-datasource>



      --------------------

      my login-config.xml (part)

      <application-policy name = "testwebapp">

      <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required">
      <module-option name = "dsJndiName">java:/jbossDS</module-option>
      <module-option name = "principalsQuery">select password from users where Username=?</module-option>
      <module-option name = "rolesQuery">select Role form userroles where Username=?</module-option>
      </login-module>

      </application-policy>

      ------------------

      my database

      CREATE TABLE roles (
      Role varchar(64) NOT NULL default '',
      Description mediumtext,
      PRIMARY KEY (Role)
      ) TYPE=MyISAM;

      --
      -- Table structure for table 'userroles'
      --

      CREATE TABLE userroles (
      Username varchar(64) NOT NULL default '',
      Role varchar(64) NOT NULL default ''
      ) TYPE=MyISAM;

      --
      -- Table structure for table 'users'
      --

      CREATE TABLE users (
      Username varchar(64) NOT NULL default '',
      Password varchar(64) NOT NULL default '',
      FirstName varchar(64) NOT NULL default '',
      LastName varchar(64) NOT NULL default '',
      Email varchar(255) NOT NULL default '',
      Extension varchar(16) default NULL,
      PRIMARY KEY (Username)
      ) TYPE=MyISAM;

      ---- my jboss web
      <jboss-web>
      <!-- Uncomment the security-domain to enable security. You will
      need to edit the htmladaptor login configuration to setup the
      login modules used to authentication users.
      -->
      <security-domain>java:/jaas/testwebapp</security-domain>

      </jboss-web>

        • 1. Re: JBoss MySQL Authentication
          andyjeff

          You currently have

          <module-option name = "dsJndiName">java:/jbossDS</module-option>
          <module-option name = "principalsQuery">select password from users where Username=?</module-option>
          <module-option name = "rolesQuery">select Role form userroles where Username=?</module-option>

          The last of these needs changing to

          <module-option name = "rolesQuery">SELECT Role, 'Roles' FROM userroles WHERE Username=?</module-option>

          • 2. Re: JBoss MySQL Authentication
            belfast

            ok, now that works well, thanks!

            few questions

            1. how do i get it to use md5 digest for passwords because thats how i have them stored?

            -jp

            • 3. Re: JBoss MySQL Authentication
              sradford

              Isn't there some login-module options on UsernamePasswordLoginModule (that DatabaseServerLoginModule extends) that configures this:

              hashAlgorithm, hashCharset, and hashEncoding.

              • 4. Re: JBoss MySQL Authentication
                belfast

                yes i believe there is, but i do not think it supports md5,
                can anyone confirm this?
                why doesn't it?

                • 5. Re: JBoss MySQL Authentication
                  sradford

                  Well the code seems to call java.security.MessageDigest.getInstance(hashAlgorithm) so should find any set-up for your JRE.