7 Replies Latest reply on May 24, 2004 5:42 AM by sbocquet

    Extending DatabaseServerLoginModule... (urgent)

    sbocquet

      Hi all,

      I'm trying to extend DatabaseServerLoginModule.
      But I can't find the JAR file where the compiled class is stored.
      I can find the class in the sources tree, in org.jboss.security.auth.spi, but where is the compiled one ? I've searched in jbosssx-client.jar (JBoss/Tomcat v3.2.3), and find some security classes, but no DatabaseServerLoginModule !

      Another question...
      Do I have to put my class (DatabaseServerGroupLoginModule.java) in JBoss source tree, and re-build JBoss, or can I add it in one of my personal project package, and it will be automatically use by JAAS...

      Thanks for help,

        • 1. Re: Extending DatabaseServerLoginModule... (urgent)
          morenito9000

          Hi,
          you can find DatabaseServerLoginModule class
          in jbosssx.jar (in <instance of JBoss>/lib directory).

          For your second question I created a personal JAR file
          (with MyDatabaseServerLoginModule class + other classes)
          that I put in <instance of JBoss>/lib directory.
          Then I restarted JBoss.

          I don't know if this is the correct way of doing it ... in any case
          it works :-)

          Moreno

          • 2. Re: Extending DatabaseServerLoginModule... (urgent)
            sbocquet

            Thanks for the quick answers ;-)))

            • 3. Re: Extending DatabaseServerLoginModule... (urgent)
              sbocquet

              Hi again,

              I've deployed my personal login class in a jar file in the specified JBoss lib directory.
              I can see (in debug mode) that it goes throw the initilize() method, but that's all !!! No getUsersPassword() ou getRoleSets() are called !
              When I try to connect, I have this error in the log file. I find very strange the calls to the "original" principalsQuery and rolesQuery...
              Will thoses queries be used or my personal ones ?

              And I don't undestand what is going wrong with this CallbackHandler...
              Hope someone can help me,

              2004-05-20 01:44:18,468 TRACE [org.jboss.security.auth.spi.DatabaseServerGroupLoginModule] initialize
              2004-05-20 01:44:18,468 TRACE [org.jboss.security.auth.spi.DatabaseServerGroupLoginModule] DatabaseServerLoginModule, dsJndiName=java:/DefaultDS
              2004-05-20 01:44:18,468 TRACE [org.jboss.security.auth.spi.DatabaseServerGroupLoginModule] principalsQuery=select Password from Principals where PrincipalID=?
              2004-05-20 01:44:18,468 TRACE [org.jboss.security.auth.spi.DatabaseServerGroupLoginModule] rolesQuery=select Role, RoleGroup from Roles where PrincipalID=?
              2004-05-20 01:44:47,060 TRACE [org.jboss.security.auth.spi.DatabaseServerGroupLoginModule] DatabaseServerGroupLoginModule, dsJndiName=java:/DefaultDS
              2004-05-20 01:44:49,283 TRACE [org.jboss.security.auth.spi.DatabaseServerGroupLoginModule] userQuery=SELECT UserId, Password FROM Users WHERE UserName = ?
              2004-05-20 01:44:53,068 TRACE [org.jboss.security.auth.spi.DatabaseServerGroupLoginModule] roleQuery=SELECT R.RoleId, R.Name, G.Name FROM Roles R, GroupsRolesLink GRL, Groups G, Users_Groups_Link UGL WHERE R.RoleId = GRL.RoleId AND GRL.GroupId = G.GroupId AND G.GroupId = UGL.GroupId AND UGL.UserId = ?
              2004-05-20 01:46:06,434 TRACE [org.jboss.security.auth.spi.DatabaseServerGroupLoginModule] login
              2004-05-20 01:46:06,434 TRACE [org.jboss.security.auth.spi.DatabaseServerGroupLoginModule] abort
              2004-05-20 01:46:06,444 DEBUG [org.jboss.security.plugins.JaasSecurityManager.FootBet] Login failure
              javax.security.auth.login.LoginException: Error: no CallbackHandler available to collect authentication information
               at org.jboss.security.auth.spi.UsernamePasswordLoginModule.getUsernameAndPassword(UsernamePasswordLoginModule.java:200)
               at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:134)
              ...
              


              Thanks,

              • 4. Re: Extending DatabaseServerLoginModule... (urgent)
                sbocquet

                Hi,

                In debug mode, I see that the callbackHandler argument is null, when the

                initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options)
                method is call in AbstractServerLoginModule !

                Any idea why ?
                Can someone help me ?

                Thanks

                • 5. Re: Extending DatabaseServerLoginModule... (urgent)
                  sbocquet

                  Hi,

                  Allways in debug mode...
                  It works perfectly with DatabaseServerLoginModule, I have the callbackHandler variable not null, and all works perfectly.
                  But with my personal class which extends DatabaseServerLoginModule (or UsernamePasswordLoginModule), I can't have that variable not null.

                  I don't undestand why it's allways a null value !...
                  Is there something I have missed, like a config file to configure (other than login-config.xml) ?

                  Here is my security policy in login-config.xml...

                  <application-policy name="WebDesk">
                   <authentication>
                   <login-module code="org.jboss.security.auth.spi.DatabaseServerGroupLoginModule" flag="required">
                   <module-option name="dsJndiName">java:/DefaultDS</module-option>
                   <module-option name="principalsQuery">SELECT UserId, Password FROM Users WHERE UserName=?</module-option>
                   <module-option name="rolesQuery">SELECT R.Name, G.Name FROM Roles R, GroupsRolesLink GRL, Groups G, UsersGroupsLink UGL WHERE R.RoleId = GRL.RoleId AND GRL.GroupId = G.GroupId AND G.GroupId = UGL.GroupId AND UGL.UserId = ?</module-option>
                   </login-module>
                   </authentication>
                  </application-policy>
                  


                  Any help will be very appreciated ;-)

                  • 6. Re: Extending DatabaseServerLoginModule... (urgent)
                    starksm64

                    The code creating the LoginContext has to provide the callback handler. See the JAAS Howto for the details.

                    • 7. Re: Extending DatabaseServerLoginModule... (urgent)
                      sbocquet

                      Hi,

                      Ok, I found it !

                      It was just a bad copy/paste !

                      Thanks for the help...

                      Stephane