0 Replies Latest reply on Sep 18, 2005 1:48 PM by neelixx

    Simple DB Authentication?

    neelixx
    neelixx Sep 18, 2005 1:48 PM

      Can someone help me out with a trivial DB Login? I'm just now getting into the JAAS of things (if you pardon the pun), and am having difficulty authenticating to a MySQL Database.

      I authenticate correctly, as you can see in these logs. And I get assigned the correct roles:

      2005-09-18 13:37:39,962 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] User 'apaxson' authenticated, loginOk=true
2005-09-18 13:37:39,962 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] commit, loginOk=true
2005-09-18 13:37:39,972 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Assign user to role TechDesk-Admin
2005-09-18 13:37:39,972 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Assign user to role JBoss-JMX-Admin


      Specifically, take note that I was assigned the role "JBoss-JMX-Admin". You can see from the following logs, that it cannot see that I have that role: 

      2005-09-18 13:37:39,993 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Authenticated 'apaxson' with type 'BASIC'
2005-09-18 13:37:39,993 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Calling accessControl()
2005-09-18 13:37:39,993 DEBUG [org.apache.catalina.realm.RealmBase] Checking roles GenericPrincipal[apaxson()]
2005-09-18 13:37:39,993 DEBUG [org.apache.catalina.realm.RealmBase] Username apaxson does NOT have role JBoss-JMX-Admin
2005-09-18 13:37:39,993 DEBUG [org.apache.catalina.realm.RealmBase] No role found: JBoss-JMX-Admin
2005-09-18 13:37:39,993 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Failed accessControl() test


      I'm sure it's something very simple. I just created a quick DB for learning the authentication process. Can someone give me a hand?

      Here's my login-config.xml 

      <application-policy name = "DefAuth">
 <authentication>
 <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
 flag = "required">
 <module-option name = "unauthenticatedIdentity">guest</module-option>
 <module-option name = "dsJndiName">java:/UserAuthDB</module-option>
 <module-option name = "principalsQuery">SELECT password FROM principles WHERE PrincipleID=?</module-option>
 <module-option name = "rolesQuery">SELECT Role, RoleGroup FROM ROLES WHERE PrincipleID=?</module-option>
 </login-module>
 </authentication>
 </application-policy>


      • 1839 Views
      • Tags: