JAAS authentication in JBoss 7 using custom login module (DatabaseServerLoginModule)
shwetha_manjunatha Dec 11, 2013 6:56 AM
Hi All,
I am using PicketLink on JBoss 7.1.1 using Spring MVC. Below are my configurations:
picketlink-idfed.xml:
<PicketLinkIDP xmlns="urn:picketlink:identity-federation:config:1.0" >
<IdentityURL>${idp.url::http://localhost:8080/nios/}</IdentityURL>
<Trust>
<Domains>localhost,jboss.com,jboss.org,amazonaws.com</Domains>
</Trust>
</PicketLinkIDP>
picketlink-handlers.xml:
<Handlers xmlns="urn:picketlink:identity-federation:handler:config:1.0">
<Handler class="org.picketlink.identity.federation.web.handlers.saml2.SAML2IssuerTrustHandler"/>
<Handler class="org.picketlink.identity.federation.web.handlers.saml2.SAML2LogOutHandler"/>
<Handler class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler">
<Option key="DISABLE_ROLE_PICKING" value="true"/>
</Handler>
<!-- <Handler class="org.picketlink.identity.federation.web.handlers.saml2.RolesGenerationHandler"/> -->
</Handlers>
web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd "
version="3.0" metadata-complete="true">
<!-- The definition of the Root Spring Container shared by all Servlets
and Filters -->
<welcome-file-list>
<welcome-file></welcome-file>
</welcome-file-list>
<!-- <security-constraint>
<web-resource-collection>
<web-resource-name>Manager command</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>*</role-name>
<role-name>manager</role-name>
<role-name>Sales</role-name>
<role-name>Employee</role-name>
</auth-constraint>
</security-constraint> -->
<!-- Processes application requests -->
<servlet>
<servlet-name>dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/resources/spring/dispatcher-servlet.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
<async-supported>true</async-supported>
</servlet>
<servlet-mapping>
<servlet-name>dispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<error-page>
<error-code>404</error-code>
<location>/WEB-INF/jsp/404Error.jsp</location>
</error-page>
<context-param>
<param-name>log4jConfigLocation</param-name>
<param-value>/resources/log4j.xml</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
</listener>
<jsp-config>
<taglib>
<taglib-uri>http://jakarta.apache.org/taglibs/unstandard-1.0</taglib-uri>
<taglib-location>/resources/tld/unstandard.tld</taglib-location>
</taglib>
</jsp-config>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>PicketLink IDP Application</realm-name>
<form-login-config>
<form-login-page>/jsp/loginUser.jsp</form-login-page>
<form-error-page>/jsp/error.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>*</role-name>
</security-role>
</web-app>
context.xml in WEB-INF:
<Context>
<Valve
className="org.picketlink.identity.federation.bindings.tomcat.idp.IDPSAMLDebugValve" />
<Valve
className="org.picketlink.identity.federation.bindings.tomcat.idp.IDPWebBrowserSSOValve"
signOutgoingMessages="false"
ignoreIncomingSignatures="true"/>
</Context>
loginUser.jsp:
<html><head><title>Login Page</title></head>
<body>
<font size='5' color='blue'>Please Login</font><hr>
<form action='j_security_check' method='post'>
<table>
<tr><td>Name:</td>
<td><input type='text' name='j_username'></td></tr>
<tr><td>Password:</td>
<td><input type='password' name='j_password' size='8'></td>
</tr>
</table>
<br>
<input type='submit' value='login'>
</form></body>
</html>
And the standalone.xml configuration is done accordingly.
On providing the username and password on the login page, I am not able to authenticate. Can someone point out if there are any configuration issues?
Any help would be appreciated.
Thanks
Swetha
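
A descriptor check for the settings posted above, as an added example that is not part of the original post or of PicketLink: it reports whether any active security-constraint backs the FORM login-config, and whether the IDP valve signs outgoing and verifies incoming SAML messages. The finding codes and the audit function are hypothetical names, and the XML samples are constructed by trimming the posted web.xml and context.xml.

```python
import xml.etree.ElementTree as ET

NS = {"ee": "http://java.sun.com/xml/ns/javaee"}

# Constructed samples, trimmed from the descriptors posted above.
WEB_XML = """<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="3.0">
  <!-- <security-constraint>
    <web-resource-collection><url-pattern>/*</url-pattern></web-resource-collection>
    <auth-constraint><role-name>manager</role-name></auth-constraint>
  </security-constraint> -->
  <login-config><auth-method>FORM</auth-method></login-config>
  <security-role><role-name>*</role-name></security-role>
</web-app>"""

CONTEXT_XML = """<Context>
  <Valve className="org.picketlink.identity.federation.bindings.tomcat.idp.IDPWebBrowserSSOValve"
         signOutgoingMessages="false" ignoreIncomingSignatures="true"/>
</Context>"""


def audit(web_xml, context_xml):
    """Return a list of finding codes (hypothetical names) to review."""
    findings = []
    # ElementTree drops XML comments, so a commented-out constraint is
    # invisible here, exactly as it is to the servlet container.
    web = ET.fromstring(web_xml)
    protected = [c for c in web.findall("ee:security-constraint", NS)
                 if c.find("ee:auth-constraint", NS) is not None]
    # A login-config is only exercised when a constraint demands authentication.
    if web.find("ee:login-config", NS) is not None and not protected:
        findings.append("LOGIN_CONFIG_WITHOUT_ACTIVE_CONSTRAINT")
    roles = {r.text for r in web.findall("ee:security-role/ee:role-name", NS)}
    # '*' is the auth-constraint shorthand for all declared roles; declaring
    # only '*' leaves no concrete role name to reference.
    if roles == {"*"}:
        findings.append("ONLY_WILDCARD_SECURITY_ROLE")
    for valve in ET.fromstring(context_xml).iter("Valve"):
        if valve.get("ignoreIncomingSignatures", "").lower() == "true":
            findings.append("INCOMING_SIGNATURES_IGNORED")
        if valve.get("signOutgoingMessages", "").lower() == "false":
            findings.append("OUTGOING_MESSAGES_UNSIGNED")
    return findings


if __name__ == "__main__":
    for code in audit(WEB_XML, CONTEXT_XML):
        print(code)
```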