-
1. Re: Authentication exception, principal=null
claude.glauser Aug 12, 2003 11:41 PM (in response to ebdr)Is your "sample" security domian a client login module ? Look for a file called something like
login....xml in the conf directory of your server directory. The names must match.
See:
http://www.luminis.nl/publications/websecurity.html -
2. Re: Authentication exception, principal=null
ebdr Aug 16, 2003 9:26 AM (in response to ebdr)Hi Claude,
Sorry for the late response. my sample security domain is specified like this in my login-config.xml:
<application-policy name = "sample">
<login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
flag = "required" />
</application-policy>
I have defined a username=password and username=role in my password and group files respectively. Is this the proper configuration?
Thanks again.
Eric -
3. Re: Authentication exception, principal=null
claude.glauser Aug 17, 2003 11:38 AM (in response to ebdr)In my case, I use:
1. (snippet of login-config.xml)
<!-- Used by clients within the application server VM such as
mbeans and servlets that access EJBs.
-->
<application-policy name = "client-login">
<login-module code = "org.jboss.security.ClientLoginModule"
flag = "required">
</login-module>
</application-policy>
and
<application-policy name = "bbloxDB">
<login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required">
<module-option name="dsJndiName">java:/MySqlDS</module-option>
<module-option name="principalsQuery">select PASSWORD from BBLOXUSERS ID where id=?</module-option>
<module-option name="rolesQuery">select ROLES, 'Roles' from BBLOXUSERENTITY_ROLES_BBLOXROLEENTITY_USERS where USERS=?</module-option>
</login-module>
</application-policy>
------------------------
In the servlet, I use
LoginContext loginContext = new LoginContext("client-login", (CallbackHandler) handler);
In the jboss.xml (In meta-inf of ejb jar file) is an entry that the
"bbloxDB" security domain must be used.
Client-login module is something like an
"intermediate" login, which propagates to
the database loginmodule (my English is
rather poor).
Hope this helps.