-
1. Re: Authentification with JBoss.NET and DatabaseServerLoginM
essington Apr 5, 2004 10:15 AM (in response to billen)Does the application policy "other" also have a DatabaseServerLoginModule configured to use the defaultDS?
It looks like maybe the AxisServlet (jboss-net.war) is trying to authenticate the HTTP request against that.
Have you set the security domain for JBoss.Net?
It is in the jboss-net.sar/jboss-net.war/WEB-INF/jboss-web.xml
By default it is set to use "other"
you could to set it to:<jboss-web><security-domain>java:/jaas/openbroad</security-domain></jboss-web>
And maybe clear up your problem.
I have tried my JBoss.Net application (which uses the DatabaseServerLoginModule) on JBoss 4.0DR3 and it seemed to work o.k. -
2. Re: Authentification with JBoss.NET and DatabaseServerLoginM
billen Apr 6, 2004 6:02 AM (in response to billen)Hello and thank you for your reply
It didn't work and I still get the same error message.
Should I post some of the code, so you can check if it is correct? -
3. Re: Authentification with JBoss.NET and DatabaseServerLoginM
fheldt Apr 6, 2004 9:09 AM (in response to billen)Do you use ant?
Then putting
* @jboss-net.authentication
* domain="openbroad"
* validate-unauthenticated-calls="true"
*
* @jboss-net.authorization
* domain="openbroad"
in your (Webservice) Session Bean should do the job, which means it puts the corresponding entry in webservice.xml -
4. Re: Authentification with JBoss.NET and DatabaseServerLoginM
billen Apr 7, 2004 3:34 AM (in response to billen)"fheldt" wrote:
Do you use ant?
Then putting
* @jboss-net.authentication
* domain="openbroad"
* validate-unauthenticated-calls="true"
*
* @jboss-net.authorization
* domain="openbroad"
in your (Webservice) Session Bean should do the job, which means it puts the corresponding entry in webservice.xml
I guess you mean XDoclet? Yes I do it that way. I do it the way you can see at the link in my first post. -
5. Re: Authentification with JBoss.NET and DatabaseServerLoginM
fheldt Apr 7, 2004 10:52 AM (in response to billen)Yes, i meant xdoclet, sorry for confusion.
Does your webservice.xml contain lines like the following?<handler type="java:org.jboss.net.axis.server.JBossAuthenticationHandler"> <parameter name="securityDomain" value="java:/jaas/..."/> </handler> <handler type="java:org.jboss.net.axis.server.JBossAuthorizationHandler"> <parameter name="securityDomain" value="java:/jaas/..."/> <parameter name="allowedRoles" value="..."/> <parameter name="deniedRoles" value="..."/> </handler>
-
6. Re: Authentification with JBoss.NET and DatabaseServerLoginM
essington Apr 7, 2004 12:02 PM (in response to billen)first thing, the dsJndiName doesn't look quite right. it should be
java:jaas/something
in your case, maybe
java:jaas/OpenbroadDS
or whatever is in your openbroad-ds.xml file in the <jndi-name> tag.
you might also check for any other <application-policy>s that have a DatabaseServerLoginModule in them that may be misconfigured. -
7. Re: Authentification with JBoss.NET and DatabaseServerLoginM
billen Apr 8, 2004 6:22 AM (in response to billen)"fheldt" wrote:
Does your webservice.xml contain lines like the following?
Yes the web-service.xml file that is generated by XDoclet look like this:<service name="TestService" provider="Handler"> <parameter name="handlerClass" value="org.jboss.net.axis.server.EJBProvider"/> <parameter name="beanJndiName" value="webservice/TestService"/> <parameter name="allowedMethods" value="testLogin "/> <requestFlow name="TestServiceRequest"> <handler type="java:org.jboss.net.axis.server.JBossAuthenticationHandler"> <parameter name="securityDomain" value="java:/jaas/openbroad"/> <parameter name="validateUnauthenticatedCalls" value="true"/> </handler> <handler type="java:org.jboss.net.axis.server.JBossAuthorizationHandler"> <parameter name="securityDomain" value="java:/jaas/openbroad"/> <parameter name="allowedRoles" value="admin"/> </handler> </requestFlow> <responseFlow name="TestServiceResponse"> </responseFlow> </service>
-
8. Re: Authentification with JBoss.NET and DatabaseServerLoginM
billen Apr 8, 2004 6:25 AM (in response to billen)"Essington" wrote:
first thing, the dsJndiName doesn't look quite right. it should be
java:jaas/something
in your case, maybe
java:jaas/OpenbroadDS
or whatever is in your openbroad-ds.xml file in the <jndi-name> tag.
Are you sure about that? JAAS is Java Authentication and Authorization Service and does not IMHO have anything to do with the datasource file. -
9. Re: Authentification with JBoss.NET and DatabaseServerLoginM
essington Apr 8, 2004 11:49 AM (in response to billen)"billen" wrote:
Are you sure about that? JAAS is Java Authentication and Authorization Service and does not IMHO have anything to do with the datasource file.
Bah!
I meant "java:jdbc/OpenbroadDS"
jdbc not jaas (this alphabet soup of Sun's keeps confusing me)
Sorry about that.
At any rate the value in should match the value in your datasource definition. The will need "java:" prepended to whatever value is in the <jndi-name> tag of your xxx-ds.xml file. -
10. Re: Authentification with JBoss.NET and DatabaseServerLoginM
adrian.brock Apr 8, 2004 12:00 PM (in response to billen)Your xml is incorrect. It should be:
<application-policy name = "openbroad"> <authentication> <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required" > <module-option name="dsJndiName">java:/OpenBroadDB</module-option> <module-option name="principalsQuery">SELECT password FROM usertable WHERE username=?</module-option> <module-option name="rolesQuery">SELECT role, 'Roles' FROM userroles WHERE username=?</module-option> </login-module> </authentication> </application-policy>
-
11. Re: Authentification with JBoss.NET and DatabaseServerLoginM
billen Apr 8, 2004 1:24 PM (in response to billen)