cannot get multiple realms to work with 3.2 (works well in 3
eelco69 May 30, 2004 7:08 PMHello,
I have searched all forums, haven't been able to find something about my problem. I have multiple websites in production running on a 3.0.7 JBoss Server. Everything works fine. However, I am now trying to get the same websites running under 3.2. Now something weird happens: The first realm I enter everything is well. The second realm however, gets a null principal. Here is the configuration:
oracle-ds file:
<local-tx-datasource>
<jndi-name>x1_datasource</jndi-name>
<connection-url>jdbc:oracle:thin:@(description=(address=(host=myHost)(protocol=tcp)(port=1521))(connect_data=(SERVICE_NAME=mySid)))</connection-url>
<driver-class>oracle.jdbc.driver.OracleDriver</driver-class>
<user-name>x1</user-name>
xxxxxx
<exception-sorter-class-name>org.jboss.resource.adapter.jdbc.vendor.OracleExceptionSorter</exception-sorter-class-name>
</local-tx-datasource>
<local-tx-datasource>
<jndi-name>x2_datasource</jndi-name>
<connection-url>jdbc:oracle:thin:@(description=(address=(host=myHost)(protocol=tcp)(port=1521))(connect_data=(SERVICE_NAME=mySid)))</connection-url>
<driver-class>oracle.jdbc.driver.OracleDriver</driver-class>
<user-name>x2</user-name>
xxxxx
<exception-sorter-class-name>org.jboss.resource.adapter.jdbc.vendor.OracleExceptionSorter</exception-sorter-class-name>
</local-tx-datasource>
<local-tx-datasource>
<jndi-name>x3_datasource</jndi-name>
<connection-url>jdbc:oracle:thin:@(description=(address=(host=myhost)(protocol=tcp)(port=1521))(connect_data=(SERVICE_NAME=mySid)))</connection-url>
<driver-class>oracle.jdbc.driver.OracleDriver</driver-class>
<user-name>x3</user-name>
xxxxx
<exception-sorter-class-name>org.jboss.resource.adapter.jdbc.vendor.OracleExceptionSorter</exception-sorter-class-name>
</local-tx-datasource>
<local-tx-datasource>
<jndi-name>x4_datasource</jndi-name>
<connection-url>jdbc:oracle:thin:@(description=(address=(host=myHost)(protocol=tcp)(port=1521))(connect_data=(SERVICE_NAME=mySid)))</connection-url>
<driver-class>oracle.jdbc.driver.OracleDriver</driver-class>
<user-name>x4</user-name>
xxxxx
<exception-sorter-class-name>org.jboss.resource.adapter.jdbc.vendor.OracleExceptionSorter</exception-sorter-class-name>
</local-tx-datasource>
in login-config.xml i have set up application-policies:
<application-policy name = "xx1">
<login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required">
<module-option name="dsJndiName">java:/x1_datasource</module-option>
<module-option name="principalsQuery">select wachtwoord from gebruikers where upper (key_gebruiker) = upper (?)</module-option>
<module-option name="rolesQuery">select key_rol, 'Roles' from gebruikers_rollen, gebruikers where upper (key_gebruiker) = upper (?) and gebruikers.id_gebruiker = gebruikers_rollen.id_gebruiker</module-option>
</login-module>
</application-policy>
four times (for every realm one)
every jboss-web.xml shows as follows, only the jndi call is different (pointing to one of the above datasources)
<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
<context-root>/xxroot</context-root>
<security-domain>java:/jaas/xx1</security-domain>
<resource-ref>
<res-ref-name>jdbc/x1_datasource</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<jndi-name>java:/x1_datasource</jndi-name>
</resource-ref>
</jboss-web>
and in the web.xml: (only the auth/datasource part showing here)
<resource-ref>
Datasource for x1
<res-ref-name>jdbc/x1_datasource</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
<security-constraint>
<web-resource-collection>
<web-resource-name>Restricted</web-resource-name>
Declarative security tests
<url-pattern>/restricted/*</url-pattern>
<http-method>HEAD</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>role1</role-name>
</auth-constraint>
<user-data-constraint>
no description
<transport-guarantee>GUARANTEED</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>xx1</realm-name>
</login-config>
Now why doesn't it work in 3.2.4 anymore????
Funny thing is, the first realm to do authentication will succeed after starting the server, every next realm will fail.
Please help