1 Reply Latest reply on Apr 24, 2014 8:19 AM by vintubr

    Database login-module

    jjakub
    jjakub Mar 11, 2014 3:33 PM
      Could someone please send full standalone.xml for eap 6.2, or it's vital parts.

       

       

      I want to configure basic web.xml auth with database realm, but I always finish with error.
      Is there a difference in configuration between jboss 7.1 and jboss 7.3 and eap 6.2 ?

       

      In <subsystem xmlns="urn:jboss:domain:security:1.2">

       

      I added

       

                      <security-domain name="mysqldomain" cache-type="default">
                           <authentication>
                              <login-module code="Database" flag="required">
                                  <module-option name="dsJndiName" value="java:jboss/datasources/petclinicDS"/>
                                   <module-option name="principalsQuery" value="select passwd from USERS where login=?"/>
                                  <module-option name="rolesQuery" value="select role 'Roles' from USER_ROLES where login=?"/>
                               </login-module>
                          </authentication>
                      </security-domain>

       

      database java:jboss/datasources/petclinicDS is ok, it is used in petclinic app and works.

      and in jboss-web.xml:

       

      <jboss-web>
      <security-domain>java:/jaas/mysqldomain</security-domain>
      also tried with <security-domain>mysqldomain</security-domain>
      </jboss-web>

      and in web.xml:

      <?xml version="1.0" encoding="UTF-8"?>

      <web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

          xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"

          version="2.5">

      <security-constraint>

          <web-resource-collection>

              <url-pattern>/*</url-pattern>

          </web-resource-collection>

          <auth-constraint>

              <role-name>Manager</role-name>

          </auth-constraint>

      </security-constraint>

      <login-config>

          <auth-method>BASIC</auth-method>

          <realm-name>Sample Realm</realm-name>

      </login-config>

      <security-role>

          <role-name>Manager</role-name>

      </security-role>

      </web-app>

      BR

      Jakub

        • 1. Re: Database login-module
          vintubr
          vintubr Apr 24, 2014 8:19 AM (in response to jjakub)

          Hi,

           

          As you did not post the error you faced, I am going to put some suggestions for you to check:

           

          In your standalone.xml, improve: org.jboss.security log messages:

          <subsystem xmlns="urn:jboss:domain:logging:1.3">
     ...
     <logger category="org.jboss.security">
          <level name="TRACE"/>
     </logger>
     ...
</subsystem>

          Restart JBoss and check server.log file for messages.

           

          Try to add the realm in the standalone.xml:

          <management>
     <security-realms>
          <security-realm name="mysqldomain">
               <authentication>
                    <jaas name="mysqldomain"/>
               </authentication>
          </security-realm>
     </security-realms>
     ...
</management>

           

          In your: jboss-web.xml, change the security-domain to:

          <security-domain>mysqldomain</security-domain>

           

          I hope it helps you to solve your problem.

           

          Regards.

            • Actions