DatabaseServerLoginModule
hi i have problem with the DatabaseServerLoginModule, i have tryed all i know
(that isent much but any way) the problem is that it will not work,
i'm using hypersonic database , and jboss 3.2.1
here is my web.xml followed by my jboss-web.xml and my login-config.xml
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE web-app
PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN"
"http://java.sun.com/j2ee/dtds/web-app_2_2.dtd">
<web-app>
<!-- Standard Action Servlet Configuration (with debugging) -->
<servlet-name>action</servlet-name>
<servlet-class>org.apache.struts.action.ActionServlet</servlet-class>
<init-param>
<param-name>config</param-name>
<param-value>/WEB-INF/struts-config.xml</param-value>
</init-param>
<init-param>
<param-name>debug</param-name>
<param-value>4</param-value>
</init-param>
<init-param>
<param-name>detail</param-name>
<param-value>4</param-value>
</init-param>
<load-on-startup>2</load-on-startup>
<!-- Standard Action Servlet Mapping -->
<servlet-mapping>
<servlet-name>action</servlet-name>
<url-pattern>*.do</url-pattern>
</servlet-mapping>
<!-- The Usual Welcome File List -->
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<!-- Struts Tag Library Descriptors -->
<taglib-uri>/tags/struts-bean</taglib-uri>
<taglib-location>/WEB-INF/struts-bean.tld</taglib-location>
<taglib-uri>/tags/struts-html</taglib-uri>
<taglib-location>/WEB-INF/struts-html.tld</taglib-location>
<taglib-uri>/tags/struts-logic</taglib-uri>
<taglib-location>/WEB-INF/struts-logic.tld</taglib-location>
<taglib-uri>/tags/struts-nested</taglib-uri>
<taglib-location>/WEB-INF/struts-nested.tld</taglib-location>
<taglib-uri>/tags/struts-tiles</taglib-uri>
<taglib-location>/WEB-INF/struts-tiles.tld</taglib-location>
<!-- Secure the pages, also see jboss-web.xml for jboss specific security settings -->
<security-constraint>
<web-resource-collection>
<web-resource-name>Something??</web-resource-name>
<url-pattern>/app/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Admin pages</web-resource-name>
<url-pattern>/admin/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/logon.jsp</form-login-page>
<form-error-page>/logonFailed.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>admin</role-name>
</security-role>
</web-app>
and then my jboss-web.xml
<jboss-web>
<security-domain>java:/jaas/my</security-domain>
</jboss-web>
and my login-config.xml
<?xml version='1.0'?>
<!DOCTYPE policy PUBLIC
"-//JBoss//DTD JBOSS Security Config 3.0//EN"
"http://www.jboss.org/j2ee/dtd/security_config.dtd">
<!-- The XML based JAAS login configuration read by the
org.jboss.security.auth.login.XMLLoginConfig mbean. Add
an application-policy element for each security domain.
The outline of the application-policy is:
<application-policy name="security-domain-name">
<login-module code="login.module1.class.name" flag="control_flag">
<module-option name = "option1-name">option1-value</module-option>
<module-option name = "option2-name">option2-value</module-option>
...
</login-module>
<login-module code="login.module2.class.name" flag="control_flag">
...
</login-module>
...
</application-policy>
$Revision: 1.6.2.1 $
-->
<!-- Used by clients within the application server VM such as
mbeans and servlets that access EJBs.
-->
<application-policy name = "client-login">
<login-module code = "org.jboss.security.ClientLoginModule"
flag = "required">
</login-module>
</application-policy>
<!-- Security domain for JBossMQ -->
<application-policy name = "jbossmq">
<login-module code = "org.jboss.mq.sm.file.DynamicLoginModule"
flag = "required">
<module-option name = "unauthenticatedIdentity">guest</module-option>
<module-option name = "sm.objectname">jboss.mq:service=StateManager</module-option>
</login-module>
</application-policy>
<!-- Security domains for testing new jca framework -->
<application-policy name = "HsqlDbRealm">
<login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
flag = "required">
<module-option name = "principal">sa</module-option>
<module-option name = "userName">sa</module-option>
<module-option name = "password"></module-option>
<module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=DefaultDS</module-option>
</login-module>
</application-policy>
<application-policy name = "FirebirdDBRealm">
<login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
flag = "required">
<module-option name = "principal">sysdba</module-option>
<module-option name = "userName">sysdba</module-option>
<module-option name = "password">masterkey</module-option>
<module-option name = "managedConnectionFactoryName">jboss.jca:service=XaTxCM,name=FirebirdDS</module-option>
</login-module>
</application-policy>
<application-policy name = "JmsXARealm">
<login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
flag = "required">
<module-option name = "principal">guest</module-option>
<module-option name = "userName">guest</module-option>
<module-option name = "password">guest</module-option>
<module-option name = "managedConnectionFactoryName">jboss.jca:service=TxCM,name=JmsXA</module-option>
</login-module>
</application-policy>
<!-- A template configuration for the jmx-console web application. This
defaults to the UsersRolesLoginModule the same as other and should be
changed to a stronger authentication mechanism as required.
-->
<application-policy name = "jmx-console">
<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag = "required" />
</application-policy>
<!-- The default login configuration used by any security domain that
does not have a application-policy entry with a matching name
-->
<application-policy name = "other">
<!-- A simple server login module, which can be used when the number
of users is relatively small. It uses two properties files:
users.properties, which holds users (key) and their password (value).
roles.properties, which holds users (key) and a comma-separated list of
their roles (value).
The unauthenticatedIdentity property defines the name of the principal
that will be used when a null username and password are presented as is
the case for an unuathenticated web client or MDB. If you want to
allow such users to be authenticated add the property, e.g.,
unauthenticatedIdentity="nobody"
-->
<login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
flag = "required" />
</application-policy>
<application-policy name = "my">
<login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag = "required">
<module-option name="dsJndiName">java:/DefaultDS</module-option>
<module-option name="pricipalsQuery">select Password from Principals where PrincipalID=?</module-option>
<module-option name="rolesQuery">select Role, RoleGroup from Roles where PrincipalID=?</module-option>
</login-module>
</application-policy>
i don't know whats wrong so please help my on my way
/thanks Henrik
