Seam/JAAS/DatabaseServerLoginModule problens
Hello,
I am brand new to Seam and am sorry for the newbie question. However, I've been following what I have found in the forums and docs without any luck.
I have a simple Seam/facelets webapp that I cannot get JAAS based security/authentication working for. I've used JASS form based authentication before on many webapps with great success, but somehow this appears to work differently with Seam.
I have a security realm declared to use the DatabaseServerLoginModule (please note that this realm is successfully used for other webapps). The application prompts for the login (displays the login form), appears to accept the response and then returns with the following error
The page isn't redirecting properly Firefox has detected that the server is redirecting the request for this address in a way that will never complete.
Note that the URL at this point has been redirected to something like: https://localhost:8443/eventBrowser/debug.xhtml?conversationId=85
The debug.xhtml page is not part of my application? However, I suspect it is related to the seam debug option which I have declared (and I do have the jboss-seam-debug.jar in my WEB-INF/lib. Any subsequent attempts to "try again" results in this same error. I've compared the following to the wiki samples for DatabaseServerLoginModule and cannot seem to see the differences or problem. I'm really lost and not sure what to try?
I'll appreciate any help you can provide!
TIA!
My environment:
JBoss AS 4.2.2.GA
Seam 2.0.1.GA
RichFaces 3.1.4.GA
MyFaces Tomahawk 1.1.6 and Sandbox 1.1.7
My login.xhtml has the following form:
<form action="j_security_check" method="POST" bgcolor="#999999"> <table border='0' bgcolor='#999966'> <tr> <td> <h:outputText value="UserId:"/> </td> <td> <h:inputText id="j_username" required="true"/> </td> </tr> <tr> <td> <h:outputText value="Password:"/> </td> <td> <h:inputSecret id="j_password" required="true"/> </td> </tr> <tr> <td colspan='2' align='center'> <h:commandButton id="SubmitButton" value="Submit" action="j_security_check"/> <input type='reset' value='Reset'/> </td> </tr> </table> </form>
My components.xml is as follows:
<components xmlns="http://jboss.com/products/seam/components"
xmlns:core="http://jboss.com/products/seam/core"
xmlns:security="http://jboss.com/products/seam/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation=
"http://jboss.com/products/seam/core http://jboss.com/products/seam/core-2.0.xsd
http://jboss.com/products/seam/components http://jboss.com/products/seam/components-2.0.xsd">
<core:init
jndi-pattern="eventBrowser/#{ejbName}/local"
debug="true"/>
<core:manager conversation-timeout="60000"/>
<security:identity jaas-config-name="MyRealm"/>
</components>
My faces-config.xml is as follows:
<faces-config version="1.2" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-facesconfig_1_2.xsd"> <application> <view-handler> com.sun.facelets.FaceletViewHandler </view-handler> </application> </faces-config>
and my web.xml is as follows:
<web-app version="2.5" xmlns="http://java.sun.com/vml/ns/j2ee" xmlns:xsi="http://www/w3.org.2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_5.xsd"> <display-name>Event Historian (EVTH)</display-name> <description>The EVTH provides a historical view of events. </description> <!-- Seam --> <listener> <listener-class>org.jboss.seam.servlet.SeamListener</listener-class> </listener> <!-- MyFaces --> <!-- Not needed when using JBoss since it bundle JSF 1.2 RI <listener> <listener-class> org.apache.myfaces.webapp.StartupServletContextListener </listener-class> </listener> --> <context-param> <param-name>javax.faces.STATE_SAVING_METHOD</param-name> <param-value>client</param-value> </context-param> <context-param> <param-name>com.sun.faces.validateXml</param-name> <param-value>true</param-value> </context-param> <context-param> <param-name>com.sun.faces.verifyObjects</param-name> <param-value>true</param-value> </context-param> <!-- An optional comma separated list of additional navigation definition files --> <context-param> <param-name>javax.faces.CONFIG_FILES</param-name> <param-value>/WEB-INF/navigation.xml</param-value> </context-param> <context-param> <description>This parameter tells MyFaces if javascript code should be allowed int th rendered HTML output. If javascript is allowed, comand_link anchors will have javascript code that submits the corresponding form. If javascript is not allowed, the state saving info and nested parameters will be added as url parameters. Default: "true"</description> <param-name>org.apache.myfaces.ALLOW_JAVASCRIPT</param-name> <param-value>true</param-value> </context-param> <context-param> <description>This parameter tells MyFaces if javascript code should be allowed int th rendered HTML output. If javascript is allowed, comand_link anchors will have javascript code that submits the corresponding form. If javascript is not allowed, the state saving info and nested parameters will be added as url parameters. Default: "false" Setting this parameter to true should be combined with STATE_SAVING_METHOD of "server" for best results. This is an experimental feature. You have to enable the decorator filter/ filter mapping below to get Javascript detection working.</description> <param-name>org.apache.myfaces.DETECT_JAVASCRIPT</param-name> <param-value>false</param-value> </context-param> <context-param> <description>If true, rendered HTML code will be formatted, so that it is "human readable". i.e. additional line separators and whitespace will be written, that do not influence HTML code. Default: "true"</description> <param-name>org.apache.myfaces.PRETTY_HTML</param-name> <param-value>true</param-value> </context-param> <context-param> <description>If true, a javascript function will be rendered that is able to restire the former vertical scroll of every request. Convenient feature if you have pages with long lists and you do not want the browser page to always jump to the top if you trigger a link or button action that stays on the same page. Default: "false"</description> <param-name>org.apache.myfaces.AUTO_SCROLL</param-name> <param-value>true</param-value> </context-param> <context-param> <param-name>org.apache.myfaces.ADD_RESOURCE_CLASS</param-name> <param-value>org.apache.myfaces.component.html.util.StreamingAddResource</param-value> </context-param> <!-- Only if needed to avoid ExtensionFilter configuration errors. However, using the StreamingAddResource in the org.apache.myfaces.ADD_RESOURCE_CLASS context-param should fix those errors. <context-param> <param-name>org.apache.CHECK_EXTENSIONS_FILTER</param-name> <param-value>false</param-value> </context-param> --> <context-param> <param-name>javax.faces.DEFAULT_SUFFIX</param-name> <param-value>.xhtml</param-value> </context-param> <context-param> <param-name>facelets.DEVELOPMENT</param-name> <param-value>true</param-value> </context-param> <context-param> <param-name>facelets.LIBRARIES</param-name> <param-value>/WEB-INF/tomahawk-sandbox-taglib.xml</param-value> </context-param> <!-- <context-param> <param-name>org.ajax4jsf.VIEW_HANDLERS</param-name> <param-value>org.jboss.seam.ui.facelet.SeamFaceletViewHandler</param-value> </context-param> <filter> <display-name>Ajax4jsf Filter</display-name> <filter-name>ajax4jsf</filter-name> <filter-class>org.ajax4jsf.Filter</filter-class> </filter> --> <filter> <filter-name>Seam Filter</filter-name> <filter-class>org.jboss.seam.servlet.SeamFilter</filter-class> </filter> <filter> <filter-name>MyFacesExtensionsFilter</filter-name> <filter-class>org.apache.myfaces.webapp.filter.ExtensionsFilter</filter-class> <init-param> <description>Set the size limit for uploaded files. Format 10 - 10 bytes 10k - 10 KB 10m - 10 MB 1g - 1 GB</description> <param-name>uploadMaxFileSize</param-name> <param-value>100m</param-value> </init-param> <init-param> <description>Set the threshold size - files below this limit are stored in memory, files above this limit are stored on disk. Format 10 - 10 bytes 10k - 10 KB 10m - 10 MB 1g - 1 GB</description> <param-name>uploadThresholdSize</param-name> <param-value>100k</param-value> </init-param> </filter> <filter> <filter-name>Seam Exception Filter</filter-name> <filter-class>org.jboss.seam.servlet.SeamExceptionFilter</filter-class> </filter> <!-- This requires a <redirect/> in the faces-config.xml for all navigation rules. It supports browser friendly URLs and allows JAAS to work correctly --> <filter> <filter-name>Seam Redirect Filter</filter-name> <filter-class>org.jboss.seam.servlet.SeamRedirectFilter</filter-class> </filter> <!-- <filter-mapping> <filter-name>ajax4jsf</filter-name> <servlet-name>Faces Servlet</servlet-name> <url-pattern>*.seam</url-pattern> </filter-mapping> <filter-mapping> <filter-name>ajax4jsf</filter-name> <servlet-name>Faces Servlet</servlet-name> <url-pattern>*.xhtml</url-pattern> </filter-mapping> <filter-mapping> <filter-name>ajax4jsf</filter-name> <servlet-name>Faces Servlet</servlet-name> <url-pattern>*.jsf</url-pattern> </filter-mapping> --> <filter-mapping> <filter-name>Seam Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>MyFacesExtensionsFilter</filter-name> <servlet-name>Faces Servlet</servlet-name> </filter-mapping> <filter-mapping> <filter-name>MyFacesExtensionsFilter</filter-name> <url-pattern>*.seam</url-pattern> </filter-mapping> <filter-mapping> <filter-name>MyFacesExtensionsFilter</filter-name> <url-pattern>*.xhtml</url-pattern> </filter-mapping> <filter-mapping> <filter-name>MyFacesExtensionsFilter</filter-name> <url-pattern>*.jsf</url-pattern> </filter-mapping> <filter-mapping> <filter-name>MyFacesExtensionsFilter</filter-name> <url-pattern>/faces/myFacesExtensionResource/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>Seam Exception Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>Seam Redirect Filter</filter-name> <url-pattern>*.jsf</url-pattern> </filter-mapping> <servlet> <servlet-name>Faces Servlet</servlet-name> <servlet-class>javax.faces.webapp.FacesServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>Faces Servlet</servlet-name> <url-pattern>*.seam</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>Faces Servlet</servlet-name> <url-pattern>*.xhtml</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>Faces Servlet</servlet-name> <url-pattern>*.jsf</url-pattern> </servlet-mapping> <servlet> <servlet-name>Seam Resource Servlet</servlet-name> <servlet-class>org.jboss.seam.servlet.ResourceServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>Seam Resource Servlet</servlet-name> <url-pattern>/seam/resource/*</url-pattern> </servlet-mapping> <!-- *********************************************************** --> <!-- Automatically created by Apache Jakarta Tomcat JspC. Place this fragment in the web.xml before all icon, display-name, description, distributable, and context-param elements. --> <servlet> <servlet-name>org.apache.jsp._500_jsp</servlet-name> <servlet-class>org.apache.jsp._500_jsp</servlet-class> </servlet> <servlet-mapping> <servlet-name>org.apache.jsp._500_jsp</servlet-name> <url-pattern>/500.jsp</url-pattern> </servlet-mapping> <!-- All session-config, mime-mapping, welcome-file-list, error-page, taglib, resource-ref, security-constraint, login-config, security-role, env-entry, and ejb-ref elements should follow this fragment. --> <!-- *********************************************************** --> <session-config> <session-timeout>180</session-timeout> <!-- 3 hours --> </session-config> <welcome-file-list> <welcome-file>index.html</welcome-file> </welcome-file-list> <error-page> <error-code>500</error-code> <location>/500.jsp</location> </error-page> <!-- Security --> <security-constraint> <web-resource-collection> <web-resource-name>EVTH</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>ReadOnlyUser</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <realm-name>MyRealm</realm-name> <form-login-config> <form-login-page>/login.xhtml</form-login-page> <form-error-page>/login-error.xhtml</form-error-page> </form-login-config> </login-config> <security-role> <role-name>ReadOnlyUser</role-name> </security-role> <security-role> <role-name>TagEvents</role-name> </security-role> <security-role> <role-name>AckEvents</role-name> </security-role> <security-role> <role-name>FullAccessUser</role-name> </security-role> </web-app>
and my jboss-web.xml has:
<jboss-web> <security-domain>java:/jaas/MyRealm</security-domain> </jboss-web>