2 Replies Latest reply on May 26, 2006 11:26 AM by drapierwimATgmailDOTcom

    404 error with JAAS

    drapierwimATgmailDOTcom Newbie

      I'm kind off stuck here with implementing JAAS security, I have the following error in my browser.

      HTTP Status 404 - /fisconet/j_security_check
      type Status report
      message /fisconet/j_security_check
      description The requested resource (/fisconet/j_security_check) is not available.

      I've followed the trailblazer instructions for this with no success.
      As a result of that I found another topic in this forum and added a
      login-config.xml again with no success.
      Did I forgot something or left something out?

      My webpage
      ...
      <div id="login">
       <form action="j_security_check" method="post">
       Name:<input type="text" name="j_username" size="10"/>
       Password:<input type="password" name="j_password" size="10"/>
       <input type="submit" value="Login" />
       </form>
       </div>
      ...
      

      The web.xml
      <?xml version="1.0" ?>
      <web-app xmlns="http://java.sun.com/xml/ns/j2ee"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
       version="2.4">
      
       <listener>
       <listener-class>org.jboss.seam.servlet.SeamListener</listener-class>
       </listener>
      
       <listener>
       <listener-class>org.apache.myfaces.webapp.StartupServletContextListener</listener-class>
       </listener>
      
       <!-- Global JNDI name pattern for JBoss EJB3 (change for other servers) -->
       <context-param>
       <param-name>org.jboss.seam.core.init.jndiPattern</param-name>
       <param-value>jboss-seam-fisconet/#{ejbName}/local</param-value>
       </context-param>
      
       <context-param>
       <param-name>org.jboss.seam.core.init.componentClasses</param-name>
       <param-value>org.jboss.seam.core.Jbpm</param-value>
       </context-param>
      
       <context-param>
       <param-name>org.jboss.seam.core.jbpm.processDefinitions</param-name>
       <param-value>post.jpdl.xml</param-value>
       </context-param>
      
       <context-param>
       <param-name>org.jboss.seam.core.jbpm.pageflowDefinitions</param-name>
       <param-value>pageflow.jpdl.xml</param-value>
       </context-param>
      
       <context-param>
       <param-name>org.jboss.seam.core.manager.conversationTimeout</param-name>
       <param-value>30000</param-value>
       </context-param>
      
       <context-param>
       <param-name>org.jboss.seam.core.init.debug</param-name>
       <param-value>true</param-value>
       </context-param>
      
       <context-param>
       <param-name>javax.faces.STATE_SAVING_METHOD</param-name>
       <param-value>client</param-value>
       </context-param>
      
       <context-param>
       <param-name>facelets.DEVELOPMENT</param-name>
       <param-value>true</param-value>
       </context-param>
      
       <context-param>
       <param-name>javax.faces.DEFAULT_SUFFIX</param-name>
       <param-value>.xhtml</param-value>
       </context-param>
      
      
       <filter>
       <filter-name>Seam Exception Filter</filter-name>
       <filter-class>org.jboss.seam.servlet.SeamExceptionFilter</filter-class>
       </filter>
      
       <filter>
       <filter-name>Seam Redirect Filter</filter-name>
       <filter-class>org.jboss.seam.servlet.SeamRedirectFilter</filter-class>
       </filter>
      
       <filter-mapping>
       <filter-name>Seam Exception Filter</filter-name>
       <url-pattern>/*</url-pattern>
       </filter-mapping>
      
       <filter-mapping>
       <filter-name>Seam Redirect Filter</filter-name>
       <url-pattern>*.seam</url-pattern>
       </filter-mapping>
      
       <servlet>
       <servlet-name>Faces Servlet</servlet-name>
       <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
       <load-on-startup>1</load-on-startup>
       </servlet>
      
       <servlet-mapping>
       <servlet-name>Faces Servlet</servlet-name>
       <url-pattern>*.seam</url-pattern>
       </servlet-mapping>
      
       <context-param>
       <param-name>org.jboss.seam.core.init.managedPersistenceContexts</param-name>
       <param-value>entityManager</param-value>
       </context-param>
      
       <context-param>
       <param-name>entityManager.persistenceUnitJndiName</param-name>
       <param-value>java:/accountingEntityManagerFactory</param-value>
       </context-param>
      
       <security-constraint>
       <web-resource-collection>
       <web-resource-name>
       Fisconet accounting EE5 application
       </web-resource-name>
       <url-pattern>/post.xhtml</url-pattern>
       <url-pattern>/postdetails.xhtml</url-pattern>
       <url-pattern>/postcomplete.xhtml</url-pattern>
       <url-pattern>/debitor.xhtml</url-pattern>
       <url-pattern>/creditor.xhtml</url-pattern>
       <url-pattern>/bookings.xhtml</url-pattern>
       <url-pattern>/accounts.xhtml</url-pattern>
       <url-pattern>/periods.xhtml</url-pattern>
       </web-resource-collection>
      
       <auth-constraint>
       <role-name>AdminUser</role-name>
       <role-name>RegularUser</role-name>
       </auth-constraint>
      
       <user-data-constraint>
       <transport-guarantee>NONE</transport-guarantee>
       </user-data-constraint>
       </security-constraint>
      
       <security-role>
       <description>Authorized to access everything.</description>
       <role-name>AdminUser</role-name>
       </security-role>
       <security-role>
       <description>Authorized to limited access.</description>
       <role-name>RegularUser</role-name>
       </security-role>
      
       <login-config>
       <auth-method>FORM</auth-method>
       <form-login-config>
       <form-login-page>/home.xhtml</form-login-page>
       <form-error-page>/loginfailed.xhtml</form-error-page>
       </form-login-config>
       </login-config>
      
      </web-app>
      


      my users.properties form the root of my .jar
      # org.jboss.security.auth.spi.UsersRolesLoginModule username to password mapping
      admin=jboss
      user=ejb3
      

      my roles.properties form the root of my .jar
      # org.jboss.security.auth.spi.UsersRolesLoginModule username to roles mapping
      admin=AdminUser,RegularUser
      user=RegularUser
      

      The login-config.xml from my .ear/META-INF
      <?xml version='1.0'?>
      <!DOCTYPE policy PUBLIC
       "-//JBoss//DTD JBOSS Security Config 3.0//EN"
       "http://www.jboss.org/j2ee/dtd/security_config.dtd">
      
      <policy>
       <application-policy name = "other">
       <authentication>
       <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
       flag = "required" />
       </authentication>
       </application-policy>
      </policy>