17 Replies. Latest reply on Nov 12, 2004 1:31 PM by pablojavierpy
      • 15. Re: Principal=null.... please help me
        gbrigand

        JBoss will provide security context only on protected web resources access, declared in the web.xml file. If you request a public resource, even if you previously authenticated yourself, the principal associated to the request will be 'null'.

        I'd suggest you check this by changing your security constraints in the web.xml in the following way :

        ...
        <security-constraint>
        <!-- Sample Security Constraint -->
        <web-resource-collection>

        <web-resource-name>LoginFilterTestCollection</web-resource-name>

        <url-pattern>/*</url-pattern>

        <http-method>HEAD</http-method>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
        <http-method>PUT</http-method>
        <http-method>DELETE</http-method>

        </web-resource-collection>
        ...

        This means that the complete web application is protected. If you try to access any URI associated with such web application, you should be redirected to the login page. Once authenticated, each time you try to access any resource associated to your web application, the principal should always be available.

        Regards,
        Gianluca.

        • 16. Re: Principal=null.... please help me
          craig1980

          Hi; first of all thanks for your answers, and I want to apologize for all the disturbance I am causing.
          Well... I have followed your tips; now my web.xml is this one:

          <?xml version="1.0" encoding="UTF-8"?>
          <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
          <web-app>
          <display-name>Demo Engineering</display-name>
          <description>Semplice demo per l'utilizzo di wfmOpen per Engineering Ingegneria Informatica</description>
          <filter>
          <filter-name>LoginFilter</filter-name>
          <filter-class>it.eng.nikko.demo.web.login.LoginFilter</filter-class>
          <init-param>
          <param-name>ApplicationPolicy</param-name>
          <param-value>danetworkflow-ia</param-value>
          </init-param>
          </filter>
          <filter-mapping>
          <filter-name>LoginFilter</filter-name>
          <servlet-name>dispatcher</servlet-name>
          </filter-mapping>
          <servlet>
          <servlet-name>dispatcher</servlet-name>
          <servlet-class>it.eng.nikko.demo.web.login.Dispatcher</servlet-class>
          <load-on-startup>1</load-on-startup>
          </servlet>
          <servlet-mapping>
          <servlet-name>dispatcher</servlet-name>
          <url-pattern>/dispatcher</url-pattern>
          </servlet-mapping>
          <security-constraint>
          <display-name>Restricted</display-name>
          <web-resource-collection>
          <web-resource-name>Restricted</web-resource-name>
          <url-pattern>/*</url-pattern>
          <http-method>DELETE</http-method>
          <http-method>HEAD</http-method>
          <http-method>GET</http-method>
          <http-method>POST</http-method>
          <http-method>PUT</http-method>
          </web-resource-collection>
          <auth-constraint>
          <role-name>StaffManagementUser</role-name>
          </auth-constraint>
          </security-constraint>
          <login-config>
          <auth-method>FORM</auth-method>
          <form-login-config>
          <form-login-page>/login.jsp</form-login-page>
          <form-error-page>/error.html</form-error-page>
          </form-login-config>
          </login-config>
          <security-role>
          <description>Default</description>
          <role-name>StaffManagementUser</role-name>
          </security-role>
          <ejb-ref>
          <description>Mi riferisco al workflow EJB</description>
          <ejb-ref-name>ejb/Engine</ejb-ref-name>
          <ejb-ref-type>Session</ejb-ref-type>
          <home>de.danet.an.workflow.ejbs.WorkflowEngineHome</home>
          <remote>de.danet.an.workflow.ejbs.WorkflowEngine</remote>
          <ejb-link>Engine</ejb-link>
          </ejb-ref>
          </web-app>


          This is my login.jsp:

          <html>
          <head>
          <title>login</title>
          </head>
          <body bgcolor="#ffffff">
          <form method="post" action="dispatcher">
          <table>
           <tr>
           <td>
           <p>Username:</p>
           </td>
           <td>
           <input type="text" name="username"/>
           </td>
           </tr>
           <tr>
           <td>
           <p>Password:</p>
           </td>
           <td>
           <input type="text" name="password"/>
           </td>
           </tr>
          </table>
          <br>
          <br>
          <input type="submit" name="Submit" value="Submit">
          <input type="reset" value="Reset">
          </form>
          </body>
          </html>


          Well... when I try to log in, now the request is not intercepted by the filter... I always go to the login page; before, instead, at least once I was able to log in and call the EJB... I'm not able to understand where I'm wrong... Maybe I must not use the servlet called dispatcher and the Filter... I have read somewhere that the action of my login page should be j_security_check and the password field should be j_password and username j_username.. I have tried this one but, as I thought, I had an error that says that the resource is not available.... Wow.. either I'm an idiot or it's really difficult to set this kind of security :-))
          Please, do you have any ideas?
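
The following is an added example, not code from the thread or from JBoss: a small Python check over a DTD-style (non-namespaced) web.xml and a login page, covering the points raised in the two posts above. It goes slightly beyond the thread in one respect: under the Servlet specification, a constraint that lists http-method elements applies only to those methods, so any method not listed is left unconstrained. The function names are hypothetical and the sample inputs are constructed.

```python
import xml.etree.ElementTree as ET
from html.parser import HTMLParser

# Constructed samples modelled on the web.xml and login.jsp posted in the thread.
SAMPLE_WEB_XML = """<web-app><security-constraint><web-resource-collection>
<web-resource-name>Restricted</web-resource-name><url-pattern>/*</url-pattern>
<http-method>GET</http-method><http-method>POST</http-method>
</web-resource-collection></security-constraint>
<login-config><auth-method>FORM</auth-method><form-login-config>
<form-login-page>/login.jsp</form-login-page></form-login-config></login-config></web-app>"""
SAMPLE_FORM = '<form action="dispatcher"><input name="username"/><input name="password"/></form>'

def audit_web_xml(xml_text):
    """Findings for a DTD-style (non-namespaced) web.xml like the one in the thread."""
    root, findings = ET.fromstring(xml_text), []
    for sc in root.findall("security-constraint"):
        for wrc in sc.findall("web-resource-collection"):
            name = (wrc.findtext("web-resource-name") or "?").strip()
            methods = sorted((m.text or "").strip().upper() for m in wrc.findall("http-method"))
            if methods:  # listed methods limit the constraint to those methods only
                findings.append(f"{name}: only {','.join(methods)} constrained")
            if sc.find("auth-constraint") is None:  # no role required, so no login
                findings.append(f"{name}: no auth-constraint")
    lc = root.find("login-config")
    if lc is not None and (lc.findtext("auth-method") or "").strip() == "FORM":
        if not (lc.findtext("form-login-config/form-login-page") or "").strip():
            findings.append("FORM auth without form-login-page")
    return findings

class _FormScan(HTMLParser):
    def __init__(self):
        super().__init__()
        self.actions, self.inputs = [], set()
    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            self.actions.append(attrs.get("action") or "")
        elif tag == "input" and attrs.get("name"):
            self.inputs.add(attrs["name"])

def audit_login_form(html):
    """Check a login page for the action and field names FORM auth requires."""
    scan = _FormScan()
    scan.feed(html)
    findings = []
    if not any(a.rstrip("/").endswith("j_security_check") for a in scan.actions):
        findings.append("form action is not j_security_check")
    names = ("j_username", "j_password")
    return findings + [f"missing input named {n}" for n in names if n not in scan.inputs]
```

Run `audit_web_xml` on the deployed descriptor and `audit_login_form` on the rendered login page; an empty list means none of these three conditions was found.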

          • 17. Re: Principal=null.... please help me
            pablojavierpy

            Hi craig1980:

            I think your problem is: login-config.xml

            Change it "ClientLoginModule" in your application policy this way:

            <application-policy name = "danetworkflow">

            <!-- Bind workflow security domain to staffmgmt authentication -->
            <login-module code = "org.jboss.security.ClientLoginModule" flag = "required"></login-module>
            <login-module code = "org.jboss.security.auth.spi.ProxyLoginModule" flag = "required">
            <module-option name = "moduleName">de.danet.an.staffmgmt.jbossx.StaffMemberLoginModule</module-option>
            <module-option name = "unauthenticatedIdentity">nobody</module-option>
            <module-option name = "dsJndiName">java:/DefaultDS</module-option>
            <module-option name = "daemonUsername">daemon</module-option>
            <module-option name = "daemonPassword">Afaik,tiagp.</module-option>
            </login-module>

            </application-policy>

            <!-- Bind workflow security domain to staffmgmt authentication -->
            <application-policy name = "danetworkflow-ia">

            <login-module code = "org.jboss.security.ClientLoginModule" flag = "required"></login-module>
            <login-module code = "org.jboss.security.auth.spi.ProxyLoginModule" flag = "required">
            <module-option name = "moduleName">de.danet.an.staffmgmt.jbossx.StaffMemberLoginModule</module-option>
            <module-option name = "dsJndiName">java:/DefaultDS</module-option>
            <module-option name = "Principal">StaffManagementRole_0</module-option>
            </login-module>

            </application-policy>



            Let me know if it works.

            Hope it is not too late :)

            Cheers!

