DatabaseServerLoginModule/j_security_check redirection probl
dbostwick Sep 9, 2005 5:21 PM
1) I'm porting a MyFaces 1.0.9 application from Tomcat 5.0.28 to JBoss 4.0.2.
2) In the Tomcat app, I secure the app using the <url-pattern>/*</url-pattern> in my web.xml, where I've also defined FORM-based security, login/login error pages, and a 403 error page. Everything works fine on Tomcat. The login page pops up when I access the app, and after login, I'm forwarded to the correct target page.
The expected flow is:
Enter address: http://localhost:8080/
---> intercepted by Tomcat and forwarded to ---> /login.jsp
---> j_security_check succeeds forwarded to --->
http://localhost:8080/index.jsp
3) When moving to JBoss, I added:
A) A data source for the user/roles tables in the $JBOSS_HOME/server/default/deploy/datasources directory. The DS name is "alphaDS." This works fine.
B) A <realm-name>alphaRealm</realm-name> to my web.xml in the FORM-based security section. Ex:
<login-config>
    <auth-method>FORM</auth-method>
    <realm-name>alphaRealm</realm-name>
    <form-login-config>
        <form-login-page>/login.jsp</form-login-page>
        <form-error-page>/login_error.jsp</form-error-page>
    </form-login-config>
</login-config>
C) A jboss-web.xml file containing:
<jboss-web>
    <security-domain>java:/jaas/alphaRealm</security-domain>
    <context-root>/</context-root>
    <resource-ref>
        <res-ref-name>jdbc/alphaDS</res-ref-name>
        <jndi-name>java:jdbc/alphaDS</jndi-name>
    </resource-ref>
</jboss-web>
**Note, the context path is set to /. I have deleted the ROOT.war file from the Tomcat sar.
D) And added an alphaRealm element to the $JBOSS_HOME/server/default/conf/login-config.xml file as follows:
<application-policy name="alphaRealm">
    <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
        <module-option name="dsJndiName">java:jdbc/alphaDS</module-option>
        <module-option name="principalsQuery">
            select user_password from Users where user_login=?
        </module-option>
        <module-option name="rolesQuery">
            select r.role_name, 'Roles' from Roles r join UsersRoles ur on r.role_id=ur.role_id join Users u on ur.user_id=u.user_id and u.user_login=?
        </module-option>
    </login-module>
</application-policy>
In JBoss, the login page pops up as expected when I access the app (via http://localhost:8080/), and the login is getting processed correctly (verified with logins having various roles). But after the login completes I am forwarded to someplace where I get the following error message: "The requested resource (/favicon.ico) is not available." The only place I've found a reference to "favicon.ico" in the whole JBoss installation (and it's nowhere in my app) is in $JBOSS_HOME/server/default/deploy/lib/license.html. I even tried renaming license.html to license.txt just to see if it would be bypassed, but to no avail.
In addition to this, I've also been redirected to other places, such as directly to a background gif image in my application. The net/net is that redirection to the originally-requested page after login does not seem to be concrete or predictable with this setup.
What am I doing wrong? I expected redirection to the original page requested, but this isn't happening. Even if I attempt a direct selection of index.jsp via http://localhost:8080/index.jsp before authentication I get the same problem. If, after authentication, I attempt to access the original page I get it of course because now I'm authenticated.
Why am I not forwarded correctly after successful login? How do I ensure that the original page requested is the one fetched after authentication?
Thanks in advance for any clues passed this way - dB
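
The /* constraint described in the post also covers the URLs reported as unexpected redirect targets (/favicon.ico and a background image). The following is an added example, not part of the original post: it applies servlet url-pattern matching to a constructed web.xml to show which unauthenticated requests are sent to the FORM login, with and without a separate open constraint for static resources. The role name, resource names and the /images/* path are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed web.xml fragments (no XML namespace). Only the /* pattern is from
# the post; the role name, resource names and /images/* path are hypothetical.
PROTECT_ALL = """<security-constraint>
  <web-resource-collection>
    <web-resource-name>app</web-resource-name>
    <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <auth-constraint><role-name>user</role-name></auth-constraint>
</security-constraint>"""
# A constraint without auth-constraint leaves its patterns open to everyone.
STATIC_OPEN = """<security-constraint>
  <web-resource-collection>
    <web-resource-name>static</web-resource-name>
    <url-pattern>/favicon.ico</url-pattern>
    <url-pattern>/images/*</url-pattern>
  </web-resource-collection>
</security-constraint>"""
AS_POSTED = "<web-app>" + PROTECT_ALL + "</web-app>"
WITH_CARVE_OUT = "<web-app>" + PROTECT_ALL + STATIC_OPEN + "</web-app>"

def rank(pattern, path):
    """Match strength (exact > longest prefix > extension > default) or None."""
    if pattern == path:
        return (3, len(pattern))
    if pattern.endswith("/*"):
        prefix = pattern[:-2]
        hit = path == prefix or path.startswith(prefix + "/")
        return (2, len(prefix)) if hit else None
    if pattern.startswith("*."):
        return (1, 0) if path.endswith(pattern[1:]) else None
    return (0, 0) if pattern == "/" else None

def login_required(web_xml, path):
    """True when the best-matching constraint for path has an auth-constraint.
    Simplification: http-method elements are ignored."""
    best, protected = None, False
    for sc in ET.fromstring(web_xml).iter("security-constraint"):
        has_auth = sc.find("auth-constraint") is not None
        for up in sc.iter("url-pattern"):
            r = rank(up.text.strip(), path)
            if r is not None and (best is None or r > best):
                best, protected = r, has_auth
            elif r is not None and r == best:
                # Equal-strength matches combine: an open constraint wins.
                protected = protected and has_auth
    return protected
```

With AS_POSTED every path, including /favicon.ico, requires login; with WITH_CARVE_OUT only the application pages do.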