1 Reply Latest reply on Mar 22, 2006 6:02 AM by Prabath Pathirana

    User login

    Prabath Pathirana Newbie

      Hi all...

      I am using JBServer-4.0.2 and JBPortal-2.0. I have created two tables in Oracle database as Principals and Roles...

      SQL> desc Principals
      Name Null? Type
      ----------------------------------------- -------- ----------------------------
      PRINCIPALID NOT NULL VARCHAR2(64)
      PASSWORD VARCHAR2(64)


      SQL> desc Roles
      Name Null? Type
      ----------------------------------------- -------- ----------------------------
      PRINCIPALID VARCHAR2(64)
      ROLE VARCHAR2(64)
      ROLEGROUP VARCHAR2(64)


      Also I have done the following configurations...

      Step One: \default\deploy\jboss-portal.sar\conf\login-config.xml
      ....
      <application-policy name="portal">

      <!-- <login-module code="org.jboss.portal.core.security.jaas.HibernateLoginModule" flag="required"> -->
      <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
      <module-option name="unauthenticatedIdentity">guest</module-option>
      <module-option name="hashAlgorithm">MD5</module-option>
      <module-option name="hashEncoding">HEX</module-option>
      <module-option name="factoryJNDIName">java:/portal/SessionFactory</module-option>
      <module-option name="dsJndiName">java:/PortalDS</module-option>
      <module-option name="principalsQuery"> Select Password from Principals where PrincipalID =?</module-option>
      <module-option name="rolesQuery"> Select Role 'Roles', RoleGroup 'RoleGroups' from Roles where PrincipalID =?</module-option>
      <module-option name="additionalRole">Authenticated</module-option>
      <module-option name="password-stacking">remote</module-option>
      </login-module>

      </application-policy>
      ....
      ....


      Step Two: \default\deploy\jboss-portal.sar\portal-core.war\WEB-INF\web.xml
      Add a security constraint like follows, notice the <role-name>Admin</role-name> just like your select above.
      <security-constraint>
      <web-resource-collection>
      <web-resource-name>Restricted</web-resource-name>
      Declarative security tests
      <url-pattern>/*</url-pattern>
      <http-method>HEAD</http-method>
      <http-method>GET</http-method>
      <http-method>POST</http-method>
      <http-method>PUT</http-method>
      <http-method>DELETE</http-method>
      </web-resource-collection>
      <auth-constraint>
      <role-name>admin</role-name>
      </auth-constraint>
      <user-data-constraint>
      <transport-guarantee>NONE</transport-guarantee>
      </user-data-constraint>
      </security-constraint>

      <login-config>
      <auth-method>BASIC</auth-method>
      <realm-name>JAAS Authentication</realm-name>
      </login-config>

      <security-role>
      <role-name>admin</role-name>
      </security-role>
      <security-role>
      <role-name>user</role-name>
      </security-role>

      Step Three: \default\deploy\jboss-portal.sar\portal-core.war\WEB-INF\jboss-web.xml
      This is the name of your application-policy from step one.
      <security-domain>java:/jaas/example2</security-domain>

      according to the http://www.jboss.org/?module=bb&op=viewtopic&p=3824215

      I configured oracle-xa-ds.xml and portal-oracle-ds.xml files

      oracle-xa-ds.xml

      <?xml version="1.0" encoding="UTF-8"?>
      
      <!-- ===================================================================== -->
      <!-- -->
      <!-- JBoss Server Configuration -->
      <!-- -->
      <!-- ===================================================================== -->
      
      <!-- $Id: oracle-xa-ds.xml,v 1.13 2004/09/15 14:37:40 loubyansky Exp $ -->
      
      <!-- ===================================================================== -->
      <!-- ATTENTION: DO NOT FORGET TO SET Pad=true IN transaction-service.xml -->
      <!-- ===================================================================== -->
      
      <datasources>
       <xa-datasource>
       <jndi-name>XAOracleDS</jndi-name>
       <track-connection-by-tx>true</track-connection-by-tx>
       <isSameRM-override-value>false</isSameRM-override-value>
       <xa-datasource-class>oracle.jdbc.xa.client.OracleXADataSource</xa-datasource-class>
       <xa-datasource-property name="URL">jdbc:oracle:thin:@cmbrnd5:1521:sedna</xa-datasource-property>
       <xa-datasource-property name="User">ip_jpf</xa-datasource-property>
       <xa-datasource-property name="Password">ip_jpf</xa-datasource-property>
       <!-- Uses the pingDatabase method to check a connection is still valid before handing it out from the pool -->
       <!--valid-connection-checker-class-name>org.jboss.resource.adapter.jdbc.vendor.OracleValidConnectionChecker</valid-connection-checker-class-name-->
       <!-- Checks the Oracle error codes and messages for fatal errors -->
       <exception-sorter-class-name>org.jboss.resource.adapter.jdbc.vendor.OracleExceptionSorter</exception-sorter-class-name>
       <!-- Oracles XA datasource cannot reuse a connection outside a transaction once enlisted in a global transaction and vice-versa -->
       <no-tx-separate-pools/>
      
       <!-- corresponding type-mapping in the standardjbosscmp-jdbc.xml (optional) -->
       <metadata>
       <type-mapping>Oracle9i</type-mapping>
       </metadata>
       </xa-datasource>
      
       <mbean code="org.jboss.resource.adapter.jdbc.vendor.OracleXAExceptionFormatter"
       name="jboss.jca:service=OracleXAExceptionFormatter">
       <depends optional-attribute-name="TransactionManagerService">jboss:service=TransactionManager</depends>
       </mbean>
      
      </datasources>


      portal-oracle-ds.xml

      <?xml version="1.0" encoding="UTF-8"?>
      <datasources>
       <local-tx-datasource>
       <jndi-name>PortalDS</jndi-name>
       <connection-url>jdbc:oracle:thin:@cmbrnd5:1521:sedna</connection-url>
       <driver-class>oracle.jdbc.driver.OracleDriver</driver-class>
       <user-name>ip_jpf</user-name>
       <password>ip_jpf</password>
       </local-tx-datasource>
      </datasources>
      


      But still I couldn't authenticate users using the User Portlet....

      Can some one tell me what is the wrong with the above configuration...

      Thanx...