-
1. Re: FORM BASED LOGIN MODULE FROM DATABASE HELP NEEDED
rpa_rio Jun 16, 2005 5:07 PM (in response to karpra80)You need to add something like this to your login-config.xml:
<application-policy name="NexusAcesso">
<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
<module-option name="dsJndiName">java:/NexusDS</module-option>
<module-option name="principalsQuery">SELECT senha FROM usuario WHERE usuario = ?</module-option>
<module-option name="rolesQuery">SELECT papel, 'Roles' FROM papelusuario WHERE usuario = ?</module-option>
<module-option name="unauthenticatedIdentity">convidado</module-option>
</login-module>
</application-policy>
and something like this in jboss-service.xml of your ear:
META-INF/login-config.xml
<depends optional-attribute-name="LoginConfigService">
jboss.security:service=XMLLoginConfig
<depends optional-attribute-name="SecurityManagerService">
jboss.security:service=JaasSecurityManager
i guess that you know about the j_security_check part. -
2. Re: FORM BASED LOGIN MODULE FROM DATABASE HELP NEEDED
rpa_rio Jun 16, 2005 5:09 PM (in response to karpra80)jboss-service.xml part:
META-INF/login-config.xml
<depends optional-attribute-name="LoginConfigService">
jboss.security:service=XMLLoginConfig
<depends optional-attribute-name="SecurityManagerService">
jboss.security:service=JaasSecurityManager -
3. Re: FORM BASED LOGIN MODULE FROM DATABASE HELP NEEDED
rpa_rio Jun 16, 2005 5:10 PM (in response to karpra80)I can't send jboss-service.xml part, i can send to you by e-mail.
-
4. Re: FORM BASED LOGIN MODULE FROM DATABASE HELP NEEDED
karpra80 Jun 17, 2005 4:37 AM (in response to karpra80)Hi RPA,
Thanks for your earlier post but i tried everythign but iam not able to solve it ..
This is my case i have a ear file-------war file
|------meta-inf--------application.xml
|-----jboss-service.xml
login-config.xml is in default/conf right .....
i have done j_security_check using user.properties and role.properties logic placing them into the classes of my war file it works from the properties file ..but when i try doign it through a database it still looks into the properties files logic if possible can u mail me jboss-service.xml and whr shld i place it,then login-config.xml whr shld it be placed and web.xml from wat u tried will be helpful y mail id is
karpra80@yahoo.com
Thanks in advance, i appreciate these helps u r doing to me -
5. Re: FORM BASED LOGIN MODULE FROM DATABASE HELP NEEDED
karpra80 Jun 17, 2005 5:03 AM (in response to karpra80)Hi ,
Please Ignore my previous e-mail .i successfully finsihed jass forma based authentication usign database it is so powerful isnt it ...
earlier i used to create thing by myself in jsp authenticating these things that was so much to code and formulate a logic thanks to jboss security feature iam sure most of app servers have jass implementation in it ....
thanks a lot ramesh and rpa ...
i need to know how to control access to few pages alone in web application depeding on the roles assigned -
6. Re: FORM BASED LOGIN MODULE FROM DATABASE HELP NEEDED
rpa_rio Jun 17, 2005 10:07 AM (in response to karpra80)If i'm no wrong is request.isUserInRole('role')
-
7. Re: FORM BASED LOGIN MODULE FROM DATABASE HELP NEEDED
jbrosan Jul 8, 2005 2:54 PM (in response to karpra80)Hi all,
I'm having a similar issue with JBoss 4.0.2 web app.
I am using form based security and I made all of the changes to login-config.xml, web.xml, etc.
In my logfile it appears to be getting the correct userid and roles from MS SQL Server, and will give me the error page if I use the incorrect UID and PW. However if I use the correct UID and PW and try to access the restricted resource, I get a 403 error, access denied.
I'm sure its something silly that I missed.
Can anyone please help, or point me in the right direction?
Thanks,
John -
8. Re: FORM BASED LOGIN MODULE FROM DATABASE HELP NEEDED
ralluri Jul 9, 2005 11:39 PM (in response to karpra80)I've also successsfully implemented form based login using database. However, I'm trying to find a way to log the user out so that the session is invalid and other user can login. Can someone please suggest a way to do it ?
-
9. Re: FORM BASED LOGIN MODULE FROM DATABASE HELP NEEDED
jbrosan Jul 11, 2005 9:02 AM (in response to karpra80)I may be wrong here, since I'm still new to this. Wouldn't you do something like what I listed below to invalidate the current session?
HttpSession session = request.getSession(false); if(session!=null) { session.invalidate(); }
I hope that helps. :-)
Ralluri, could you please share with me how you got your database login working with your web app?
Thanks,
John