I'm using JBoss 3.2.3.
I've put myapp-ds.xml in the "deploy" directory:
<?xml version="1.0" encoding="UTF-8"?>
<datasources>
<local-tx-datasource>
<depends>jboss:service=Hypersonic</depends>
<jndi-name>myappDS</jndi-name>
<connection-url>jdbc:hsqldb:hsql://localhost:1701</connection-url>
<driver-class>org.hsqldb.jdbcDriver</driver-class>
<min-pool-size>5</min-pool-size>
<security-domain>myapp</security-domain>
</local-tx-datasource>
</datasources>
I've configured
login-conf.xml by adding the following:
<application-policy name = "myapp">
<authentication>
<login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
<module-option name = "dsJndiName">java:/myappDS</module-option>
<module-option name = "principalsQuery">
select password from users where id=?
</module-option>
<module-option name = "rolesQuery">
select role, null
from memberships m
where m.user_ = ?
and m.group_ = 'xpto'
</module-option>
</login-module>
</authentication>
</application-policy>
In my
web.xml I've added:
<security-constraint>
<web-resource-collection>
<web-resource-name>user authentication</web-resource-name>
<url-pattern>*.do</url-pattern>
<url-pattern>*.jsp</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>user</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>xpto</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/loginError.jsp</form-error-page>
</form-login-config>
</login-config>
In my
jboss-web.xml I have:
<jboss-web>
<security-domain>java:/jaas/myapp</security-domain>
</jboss-web>
When I enter my webapp, I get redirected correctly to the
login.jsp but every time I authenticate, I always get redirected to the
loginError.jsp even if I put a correct password.
Please help! Don't know where look anymore.
