404 error with JAAS
I'm kind off stuck here with implementing JAAS security, I have the following error in my browser.
HTTP Status 404 - /fisconet/j_security_check type Status report message /fisconet/j_security_check description The requested resource (/fisconet/j_security_check) is not available.
I've followed the trailblazer instructions for this with no success.
As a result of that I found another topic in this forum and added a
login-config.xml again with no success.
Did I forgot something or left something out?
My webpage
... <div id="login"> <form action="j_security_check" method="post"> Name:<input type="text" name="j_username" size="10"/> Password:<input type="password" name="j_password" size="10"/> <input type="submit" value="Login" /> </form> </div> ...
The web.xml
<?xml version="1.0" ?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version="2.4">
<listener>
<listener-class>org.jboss.seam.servlet.SeamListener</listener-class>
</listener>
<listener>
<listener-class>org.apache.myfaces.webapp.StartupServletContextListener</listener-class>
</listener>
<!-- Global JNDI name pattern for JBoss EJB3 (change for other servers) -->
<context-param>
<param-name>org.jboss.seam.core.init.jndiPattern</param-name>
<param-value>jboss-seam-fisconet/#{ejbName}/local</param-value>
</context-param>
<context-param>
<param-name>org.jboss.seam.core.init.componentClasses</param-name>
<param-value>org.jboss.seam.core.Jbpm</param-value>
</context-param>
<context-param>
<param-name>org.jboss.seam.core.jbpm.processDefinitions</param-name>
<param-value>post.jpdl.xml</param-value>
</context-param>
<context-param>
<param-name>org.jboss.seam.core.jbpm.pageflowDefinitions</param-name>
<param-value>pageflow.jpdl.xml</param-value>
</context-param>
<context-param>
<param-name>org.jboss.seam.core.manager.conversationTimeout</param-name>
<param-value>30000</param-value>
</context-param>
<context-param>
<param-name>org.jboss.seam.core.init.debug</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>javax.faces.STATE_SAVING_METHOD</param-name>
<param-value>client</param-value>
</context-param>
<context-param>
<param-name>facelets.DEVELOPMENT</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>javax.faces.DEFAULT_SUFFIX</param-name>
<param-value>.xhtml</param-value>
</context-param>
<filter>
<filter-name>Seam Exception Filter</filter-name>
<filter-class>org.jboss.seam.servlet.SeamExceptionFilter</filter-class>
</filter>
<filter>
<filter-name>Seam Redirect Filter</filter-name>
<filter-class>org.jboss.seam.servlet.SeamRedirectFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>Seam Exception Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>Seam Redirect Filter</filter-name>
<url-pattern>*.seam</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.seam</url-pattern>
</servlet-mapping>
<context-param>
<param-name>org.jboss.seam.core.init.managedPersistenceContexts</param-name>
<param-value>entityManager</param-value>
</context-param>
<context-param>
<param-name>entityManager.persistenceUnitJndiName</param-name>
<param-value>java:/accountingEntityManagerFactory</param-value>
</context-param>
<security-constraint>
<web-resource-collection>
<web-resource-name>
Fisconet accounting EE5 application
</web-resource-name>
<url-pattern>/post.xhtml</url-pattern>
<url-pattern>/postdetails.xhtml</url-pattern>
<url-pattern>/postcomplete.xhtml</url-pattern>
<url-pattern>/debitor.xhtml</url-pattern>
<url-pattern>/creditor.xhtml</url-pattern>
<url-pattern>/bookings.xhtml</url-pattern>
<url-pattern>/accounts.xhtml</url-pattern>
<url-pattern>/periods.xhtml</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>AdminUser</role-name>
<role-name>RegularUser</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-role>
<description>Authorized to access everything.</description>
<role-name>AdminUser</role-name>
</security-role>
<security-role>
<description>Authorized to limited access.</description>
<role-name>RegularUser</role-name>
</security-role>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/home.xhtml</form-login-page>
<form-error-page>/loginfailed.xhtml</form-error-page>
</form-login-config>
</login-config>
</web-app>
my users.properties form the root of my .jar
# org.jboss.security.auth.spi.UsersRolesLoginModule username to password mapping admin=jboss user=ejb3
my roles.properties form the root of my .jar
# org.jboss.security.auth.spi.UsersRolesLoginModule username to roles mapping admin=AdminUser,RegularUser user=RegularUser
The login-config.xml from my .ear/META-INF
<?xml version='1.0'?> <!DOCTYPE policy PUBLIC "-//JBoss//DTD JBOSS Security Config 3.0//EN" "http://www.jboss.org/j2ee/dtd/security_config.dtd"> <policy> <application-policy name = "other"> <authentication> <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule" flag = "required" /> </authentication> </application-policy> </policy>
