8 Replies Latest reply on Oct 28, 2005 10:39 PM by wiley173

    quick question on module-options

    wiley173

      Greetings,

      Can I pass over my username to my Login module using this syntax in my login-conf.xml?

      <module-option name = "username">?</module-option>

      Isn't that how it's getting the username ? It doesn't seem to be working for me I'm sure someone here knows why ... please help me out in understanding how this process is working...

      thank-you

        • 1. Re: quick question on module-options
          wiley173

          I guess a better way to put would be when I pass over something like this ...
          <module-option name = "login variable">?</module-option>

          the ?

          is just a "?"

          and not my login name ...

          I'm just trying to figure out how it's getting the login name to add to the sql statements ...

          • 2. Re: quick question on module-options
            wiley173

            Object tmp = options.get("principalsQuery");

            in regards to this code in the initialize method of the DataBaseLogin class ....

            is Object tmp recieving
            "select Password from Principals where PrincipalID=?"

            or
            "select Password from Principals where PrincipalID=myLoginIentered"

            ?

            • 3. Re: quick question on module-options
              wiley173

              could someone please help me out here on what class in the source is taking in a "?" so maybe I can figure this dumb question out ?


              • 4. Re: quick question on module-options
                starksm64

                Look at the org.jboss.security.auth.spi.DatabaseServerLoginModule source for an example.

                • 5. Re: quick question on module-options
                  wiley173

                  Greetings,
                  That's what I'm using and what I've been working with. I've got my own athentication system but I think the correct way is to use yours but I can't figure out how to dynamically connect to a jndi name based on the login name. I don't want 5 apps running with 5 databases, I'd rather have 1 app with 5 databases .... but you can't query anything to get a login unless you specify the jndi name first right, right... so I thought I'll pass it in with the "?" ... and get my jndi name based on what the login is...

                  basically what I'm doing isn't possible with the DatabaseServerLoginModule ...

                  I guess I could create a filter in the j_security_check and pass in my jndi name that way ??? is that possible ? Or am I just going about this totally the wrong way ...:(

                  help

                  • 6. Re: quick question on module-options
                    wiley173

                    When I use my little security system I connect to the DefaultDS ...

                    then in my login.class I ...

                    try{
                     Class.forName("com.mysql.jdbc.Driver").newInstance();
                     con = DriverManager.getConnection(
                     "jdbc:mysql://localhost/" + database +
                     "?user=uncle&password=jesse");
                    

                    so I only have one jndi name but multiple databases ... I'm just trying to do something like this with the jboss security ?


                    thanks for the reply

                    • 7. Re: quick question on module-options
                      nehring

                      Just wondering why you have 5 databases with authentication information. Are you suggesting that the client provide the name of the database to authenticate against? or that there is a 6th datastore that selects a database based on login name? It sounds to me like this a security issue that may be better solved by centralizing a database to use for authentication....but maybe there are legacy application issues involved....

                      Some databases have database links (Oracle, SQL Server) so one could fashion an SQL query to select from a view that accesses each database (as long as the databases can see each other on the network). I don't think mySQL has that feature.

                      • 8. Re: quick question on module-options
                        wiley173

                        Howdy ,
                        thanks for the reply.

                        After my latest post a lightbulb went off on what I really need to do to get this working , or at least my next learning experience ...

                        Basically it's a really simple content management system where there are /admins and /members ....

                        based on the "budget" I only have access to mysql at the moment ...

                        I thought when the admin creates a new member I would put .... some sort of id before the login .... AXA-adminuser and AXA-members user for users and based on the first 3 I could determine the jndi name I have registered in the mysql-ds.xml . Each company needs their own datasource because with eventually I'll be using a "widely accepted"? database but I would prefer mysql because I think it could handle anything the big boys do but then again I haven't worked with the big boys or developed a "big boy" app yet...

                        I'm getting there ...

                        thanks for the replies...