1 Reply Latest reply on Aug 2, 2006 9:05 PM by thethirdeye

    JAAS and DatabaseServerLoginModule

    thethirdeye Aug 2, 2006 8:12 PM

      Hi,

      I am trying to configure Jaas with DatabaseServerLoginModule, I have the following setup:

      login-config.xml

      <application-policy name="db_Sec_realm">
 <authentication>
 <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
 flag="required">
 <module-option name="dsJndiName">java:/login_ds</module-option>
 <module-option name="principalsQuery">
 SELECT PASSWORD FROM USER WHERE LOWER(USERNAME) = TRIM(LOWER(?)) AND ENABLED = '1'
 </module-option>
 <module-option name="rolesQuery">
 SELECT DISTINCT RP.PERMISSION_NAME, 'Roles' FROM USER U, USER_ROLE UR, ROLE_PERMISSION RP WHERE LOWER(U.USERNAME) = TRIM(LOWER(?)) AND U.SEQ = UR.USER_SEQ AND UR.ROLE_SEQ = RP.ROLE_SEQ
 </module-option>
 <module-option name="unauthenticatedIdentity">anonymous</module-option>
 <module-option name="password-stacking">useFirstPass</module-option>
 <module-option name="hashAlgorithm">MD5</module-option>
 <module-option name="hashEncoding">base64</module-option>
 </login-module>
 </authentication>
 </application-policy>


      web.xml 

       <security-constraint>
 <web-resource-collection>
 <web-resource-name>Action servlet</web-resource-name>
 <url-pattern>*.do</url-pattern>
 </web-resource-collection>
 <web-resource-collection>
 <web-resource-name>Secure JSP Pages</web-resource-name>
 <url-pattern>/jsp/*</url-pattern>
 </web-resource-collection>
 <auth-constraint>
 <role-name>app_access</role-name>
 </auth-constraint>
 <user-data-constraint>
 <transport-guarantee>NONE</transport-guarantee>
 </user-data-constraint>
 </security-constraint>

 <!-- Form-based login -->
 <login-config>
 <auth-method>FORM</auth-method>
 <realm-name>db_Sec_realm</realm-name>
 <form-login-config>
 <form-login-page>/login.jsp</form-login-page>
 <form-error-page>/loginError.jsp</form-error-page>
 </form-login-config>
 </login-config>

 <!-- Permission for login (neede to access secure resources) -->
 <security-role>
 <role-name>app_access</role-name>
 </security-role>

 <session-config>
 <session-timeout>20</session-timeout>
 </session-config>


      The problem:

      When I try to login to the app using a valid username/password. I am redirected to the loginError.jsp page. I am really lost on how to debug this problem. Any pointers on the solution to this issue or possible areas of issues to investigate is greatly appriciated.

      Regards,
      MR


      • 1154 Views
      • Tags: