Hi,
I am trying to configure JAAS DatabaseServerLoginModule in my application. But it seems i am not able to do that, so please help me out.
I have done following:
In hsqldb-ds.xml:
I uncommented following xml tags -
<connection-url>jdbc:hsqldb:hsql://localhost:1701</connection-url>
and the mbean tag i.e "jboss:service=Hypersonic"
In login-config.xml :
<application-policy name="UP_Login">
<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag="required">
<module-option name="dsJndiName">java:/DefaultDS</module-option>
<module-option name="principalsQuery">
Select password from Prinicipals where principalID = ?
</module-option>
<module-option name="rolesQuery">
Select Role 'Roles', RoleGroup 'RoleGroups' from localDB.Roles where PrincipalID =?
</module-option>
</login-module>
</application-policy>
In jboss-web.xml:
<security-domain>java:/jaas/UP_Login</security-domain>
In web.xml:
<security-constraint>
<web-resource-collection>
<web-resource-name>action</web-resource-name>
An example security config that only allows users with the
role JBossAdmin to access the HTML JMX console web application
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>ProfilazioneUtenteUsers</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Profilazione Utente Autenticazione</realm-name>
</login-config>
<security-role>
<role-name>ProfilazioneUtenteUsers</role-name>
</security-role>
Does it need any other configuration, other than this.
I have tables Principals and roles using jbos hsql dbmanager.
Quick reply will be highly appreciated.
Thanks in advance.
-------
Kalai.