principalsQuery fails
rajs1 Dec 15, 2004 1:19 PMI am trying to set up a simple Security test with JBoss4RC2 and Apache Derby.
I have set up the security config in login-config.xml as follows:
<application-policy name = "SecurityTest"> <authentication> <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required"/> <module-option name="dsJndiName">java:/DefaultDS</module-option> <module-option name="principalsQuery">select user_passwd from Login_Schema.Registration where user_id = ?</module-option> <module-option name="rolesQuery">select user_role, 'Roles' from Login_Schema.User_Roles where user_id = ?</module-option> </authentication> </application-policy>
I run Derby in NeyworkServer mode. I have used DBVisuzlizer to connect to Derby in Network mode and executed the SQL query:
select user_passwd from Login_Schema.Registration where user_id = 'smith'
and as expected I get:
user_passwd column as 'smith'
I have a statless session bean, SecuredSLSB with a single function
/** * * @ejb.interface-method view-type="both" * @ejb.transaction type="Required" * */ public int securedSLSBFunction() { try { return 1; } finally { } }
The ejb-jar.xml is:
... <session > <description>[CDATA[Description for SecuredSLSB]]</description> <display-name>Name for SecuredSLSB</display-name> <ejb-name>SecuredSLSB</ejb-name> <home>com.clarologic.jaas.stateless.SecuredSLSBHome</home> <remote>com.clarologic.jaas.stateless.SecuredSLSB</remote> <local-home>com.clarologic.jaas.stateless.SecuredSLSBLocalHome</local-home> <local>com.clarologic.jaas.stateless.SecuredSLSBLocal</local> <ejb-class>com.clarologic.jaas.stateless.SecuredSLSBean</ejb-class> <session-type>Stateless</session-type> <transaction-type>Container</transaction-type> </session> ... <assembly-descriptor > <security-role> <description>[CDATA[description not supported yet by ejbdoclet]]</description> <role-name>admin_role</role-name> </security-role> <method-permission > <description>[CDATA[description not supported yet by ejbdoclet]]</description> <role-name>admin_role</role-name> <method > <description>[CDATA[description not supported yet by ejbdoclet]]</description> <ejb-name>SecuredSLSB</ejb-name> <method-name>*</method-name> </method> </method-permission> ...
When accessed by the client (unit test) I get:
17:48:40,281 ERROR [DatabaseServerLoginModule] Query failed com.ibm.db2.jcc.c.SqlException: DB2 SQL error: SQLCODE: -1, SQLSTATE: 42X05, SQLERRMC: PRINCIPALS42X05 at com.ibm.db2.jcc.c.zc.e(zc.java:1606) at com.ibm.db2.jcc.a.eb.p(eb.java:634) at com.ibm.db2.jcc.a.eb.h(eb.java:152) at com.ibm.db2.jcc.a.eb.a(eb.java:43) at com.ibm.db2.jcc.a.r.a(r.java:30) at com.ibm.db2.jcc.a.tb.g(tb.java:152) at com.ibm.db2.jcc.c.zc.n(zc.java:1186) at com.ibm.db2.jcc.c.ad.db(ad.java:1761) at com.ibm.db2.jcc.c.ad.d(ad.java:2203) at com.ibm.db2.jcc.c.ad.U(ad.java:489) at com.ibm.db2.jcc.c.ad.executeQuery(ad.java:472) at org.jboss.resource.adapter.jdbc.WrappedPreparedStatement.executeQuery(WrappedPreparedStatement.java:296) at org.jboss.security.auth.spi.DatabaseServerLoginModule.getUsersPassword(DatabaseServerLoginModule.java:101) at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:156) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:324) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607) at javax.security.auth.login.LoginContext.login(LoginContext.java:534) ...
Is this a Derby problem or a JBoss problem. If its the former I can swith to another DB (Oracle or Firebird) and test that.
Or maybe I have missed something?
Cheers
-raj