404 error with JAAS
drapierwim May 26, 2006 10:58 AMI'm kind off stuck here with implementing JAAS security, I have the following error in my browser.
HTTP Status 404 - /fisconet/j_security_check type Status report message /fisconet/j_security_check description The requested resource (/fisconet/j_security_check) is not available.
I've followed the trailblazer instructions for this with no success.
As a result of that I found another topic in this forum and added a
login-config.xml again with no success.
Did I forgot something or left something out?
My webpage
... <div id="login"> <form action="j_security_check" method="post"> Name:<input type="text" name="j_username" size="10"/> Password:<input type="password" name="j_password" size="10"/> <input type="submit" value="Login" /> </form> </div> ...
The web.xml
<?xml version="1.0" ?> <web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" version="2.4"> <listener> <listener-class>org.jboss.seam.servlet.SeamListener</listener-class> </listener> <listener> <listener-class>org.apache.myfaces.webapp.StartupServletContextListener</listener-class> </listener> <!-- Global JNDI name pattern for JBoss EJB3 (change for other servers) --> <context-param> <param-name>org.jboss.seam.core.init.jndiPattern</param-name> <param-value>jboss-seam-fisconet/#{ejbName}/local</param-value> </context-param> <context-param> <param-name>org.jboss.seam.core.init.componentClasses</param-name> <param-value>org.jboss.seam.core.Jbpm</param-value> </context-param> <context-param> <param-name>org.jboss.seam.core.jbpm.processDefinitions</param-name> <param-value>post.jpdl.xml</param-value> </context-param> <context-param> <param-name>org.jboss.seam.core.jbpm.pageflowDefinitions</param-name> <param-value>pageflow.jpdl.xml</param-value> </context-param> <context-param> <param-name>org.jboss.seam.core.manager.conversationTimeout</param-name> <param-value>30000</param-value> </context-param> <context-param> <param-name>org.jboss.seam.core.init.debug</param-name> <param-value>true</param-value> </context-param> <context-param> <param-name>javax.faces.STATE_SAVING_METHOD</param-name> <param-value>client</param-value> </context-param> <context-param> <param-name>facelets.DEVELOPMENT</param-name> <param-value>true</param-value> </context-param> <context-param> <param-name>javax.faces.DEFAULT_SUFFIX</param-name> <param-value>.xhtml</param-value> </context-param> <filter> <filter-name>Seam Exception Filter</filter-name> <filter-class>org.jboss.seam.servlet.SeamExceptionFilter</filter-class> </filter> <filter> <filter-name>Seam Redirect Filter</filter-name> <filter-class>org.jboss.seam.servlet.SeamRedirectFilter</filter-class> </filter> <filter-mapping> <filter-name>Seam Exception Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>Seam Redirect Filter</filter-name> <url-pattern>*.seam</url-pattern> </filter-mapping> <servlet> <servlet-name>Faces Servlet</servlet-name> <servlet-class>javax.faces.webapp.FacesServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>Faces Servlet</servlet-name> <url-pattern>*.seam</url-pattern> </servlet-mapping> <context-param> <param-name>org.jboss.seam.core.init.managedPersistenceContexts</param-name> <param-value>entityManager</param-value> </context-param> <context-param> <param-name>entityManager.persistenceUnitJndiName</param-name> <param-value>java:/accountingEntityManagerFactory</param-value> </context-param> <security-constraint> <web-resource-collection> <web-resource-name> Fisconet accounting EE5 application </web-resource-name> <url-pattern>/post.xhtml</url-pattern> <url-pattern>/postdetails.xhtml</url-pattern> <url-pattern>/postcomplete.xhtml</url-pattern> <url-pattern>/debitor.xhtml</url-pattern> <url-pattern>/creditor.xhtml</url-pattern> <url-pattern>/bookings.xhtml</url-pattern> <url-pattern>/accounts.xhtml</url-pattern> <url-pattern>/periods.xhtml</url-pattern> </web-resource-collection> <auth-constraint> <role-name>AdminUser</role-name> <role-name>RegularUser</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>NONE</transport-guarantee> </user-data-constraint> </security-constraint> <security-role> <description>Authorized to access everything.</description> <role-name>AdminUser</role-name> </security-role> <security-role> <description>Authorized to limited access.</description> <role-name>RegularUser</role-name> </security-role> <login-config> <auth-method>FORM</auth-method> <form-login-config> <form-login-page>/home.xhtml</form-login-page> <form-error-page>/loginfailed.xhtml</form-error-page> </form-login-config> </login-config> </web-app>
my users.properties form the root of my .jar
# org.jboss.security.auth.spi.UsersRolesLoginModule username to password mapping admin=jboss user=ejb3
my roles.properties form the root of my .jar
# org.jboss.security.auth.spi.UsersRolesLoginModule username to roles mapping admin=AdminUser,RegularUser user=RegularUser
The login-config.xml from my .ear/META-INF
<?xml version='1.0'?> <!DOCTYPE policy PUBLIC "-//JBoss//DTD JBOSS Security Config 3.0//EN" "http://www.jboss.org/j2ee/dtd/security_config.dtd"> <policy> <application-policy name = "other"> <authentication> <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule" flag = "required" /> </authentication> </application-policy> </policy>