1 Reply Latest reply on Jun 15, 2004 10:03 AM by starksm64

using DatabaseLoginModule, no matter what i put in for a pas

echoi1975 Jun 11, 2004 4:59 PM

Hi ,
I just followed the tutorial for JAAS and tried implementing my own protection of my sample webapp. Everything seems to work okay, but no matter what i put for a password or login (valid or not), i am able to access my page?

Is there a way to turn up logging so taht i can see what the problem is behind the scenes.

I tried to break it by referencinng a non-existent policy name in my jboss-web.xml. but it still went thru w/o any errors?

Also,
if i have a servlet/jsp only web app. do i only package web.xml and jboss-web.xml in my war?

my jboss-web.xml is really simple and wonder if that is contributing to the problem.
it looks like:

<?xml version="1.0" encoding="UTF-8"?>

<jboss-web>
<security-domain>java:/jaas/testMW</security-domain>
</jboss-web>

Thanks!

ec.

1. Re: using DatabaseLoginModule, no matter what i put in for a

starksm64 Jun 15, 2004 10:03 AM (in response to echoi1975)
Turn on TRACE level logging on the org.jboss.security category in log4j.xml:

<category name="org.jboss.security"> <priority value="TRACE" class="org.jboss.logging.XLevel"/> </category>
Actions