1 Reply Latest reply on May 21, 2010 2:52 AM by Patrick Mingard

    Realm configuration problems using DataSourceRealm

    Patrick Mingard Newbie

      Hi,

       

      My name is Patrick, from Switzerland, and I'm new on Java EE and JBoss. I started a few weeks ago to learn how to devlop in Java EE and succeeded in much tests. I first tried to make a small servlet in a WAR archive, then having an EJB-JAR archive as well with entities and stateless session beans, together packaged in EAR archive. Everything is going perfectly well and my testing application, a small currency-change application, is working (add currencies, define currencies rates and conversion).

       

      Now, I'm trying to go a bit further by protecting my servlets with username and password.

       

      First, here is my environment :

       

      JBoss 5.1.0

      MyEclipse (but packaging everything using ANT)

      JPA / EJB 3

      Hypersonic Database (for testing and learning, this DB is fine I guess)

       

      My JNDI env contains this entry (in JMX console, service JNDI view) :

       

      java: Namespace

      +- DefaultDS (class: org.jboss.resource.adapter.jdbc.WrapperDataSource)

       

       

      Now, I try to configure the Realm element. I have to say here that I read a lot of time that context.xml should be place in /META-INF/ directory (here : http://docs.jboss.org/jbossweb/en/html/docs/config/context.html).
      All my tests asserts that context.xml is never taken into account when I place it in /META-INF/ but is evaluated when placed in /WEB-INF/. I'm not sure if it is important, but for the rest of my question, consider the context.xml is placed in /WEB-INF/ directory.

       

      Here is the code :

       

      <Context>
          <Realm className="org.apache.catalina.realm.DataSourceRealm"
                  dataSourceName="java:DefaultDS"
                  userTable="users"
                  userRoleTable="user_roles"
                  userNameCol="user_name"
                  userCredCol="user_pass"
                  roleNameCol="role_name"
                  localDataSource="true"
              />
      </Context>

       

      And here is the security part of web.xml (rest is mostly servlet mapping) :

       

      <security-constraint>
        <display-name>Security constraint for all servlets</display-name>
        <web-resource-collection>
         <web-resource-name>Protected area</web-resource-name>
         <url-pattern>/servlet/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
         <role-name>admin</role-name>
        </auth-constraint>
      </security-constraint>
      <login-config>
        <auth-method>FORM</auth-method>
        <realm-name>CurrencyManager</realm-name>
        <form-login-config>
         <form-login-page>/login.jsp</form-login-page>
         <form-error-page>/loginerror.jsp</form-error-page>
        </form-login-config>
      </login-config>
      <security-role>
        <role-name>admin</role-name>
      </security-role>

       

      I also tried using dataSourceName="DefaultDS" or jdbc/DefaultDS or java:comp/env/DefaultDS, I always get the same error when I log in

       

       

      login.jsp file is perfectly standard and contains :

       

          <form action="j_security_check" method="post">
              <table>
                  <tr>
                      <td>User name : </td>
                      <td><input type="text" name="j_username" /></td>
                  </tr>
                  <tr>
                      <td>Password : </td>
                      <td><input type="password" name="j_password" /></td>
                  </tr>
                  <tr>
                      <td> </td>
                      <td><input type="submit" value="connect" /></td>
                  </tr>
              </table>
          </form>

       

      When I try to log in, I always get this error :

       

      javax.naming.NameNotFoundException: Le Nom java:DefaultDS n'est pas lié à ce context.

       

      Well, the exception message is in french, but it means (java:DefaultDS name is not bound to this context) or close to this.

       

      I guess this problem is due to the fact that the security Realm is placed in the web container context, which has by default no access to the database. I have no problem accessign the database through my entities in my EJB-JAR application. Let me know if i'm wrong.

       

      Fine, I guess I have to make a reference to the database in the context of my web container (I have to say I'm really not used to context and this part of java programming is kind of... obscure.. to not say... annoying).

       

      So my web.xml is modified with this additional lines :

       

      <resource-ref>
        <description>The default DS</description>
        <res-ref-name>java:DefaultDS</res-ref-name>
        <res-type>javax.sql.DataSource</res-type>
        <res-auth>Container</res-auth>
      </resource-ref>

       

       

      Now the only exception I get is during deployment :

       

      java.lang.RuntimeException: mapped-name is required for java:DefaultDS of deployment testEJB-web.war

       

      Well... let me guess I need a mapped-name attribute in my web.xml.

       

      I made this change :

       

      <resource-ref>
        <description>The default DS</description>
        <res-ref-name>jdbc/DefaultDS</res-ref-name>
        <res-type>javax.sql.DataSource</res-type>
        <res-auth>Container</res-auth>
        <mapped-name>java:DefaultDS</mapped-name>
      </resource-ref>

       

       

       

      And I'm back with my first exception stating java:DefaultDS is not bound to this context. I tried to place DefaultDS, java:comp/env/DefaultDS or jdbc/DefaultDS and almost any combining of these possibilities in the res-ref-name, mapped-name and realm name attributes in my files. I always get an exception when I try to log in.

       

       

       

      So, let me come to my question : what can I do for this realm configuration ? I'm really stuck now

       

       

       

      Last precision : I heard about a jboss-web.xml file in the WEB-INF directory that could replace the web.xml resource configuration and tried some things like :

       

       

       

      <jboss-web>
          <resource-ref>
              <res-ref-name>jdbc/DefaultDS</res-ref-name>
              <res-type>javax.sql.DataSource</res-type>
              <jndi-name>java:DefaultDS</jndi-name>
          </resource-ref>
      </jboss-web>

       

       

       

      But did not see any message of any kind (exception or info or warn or whatever) stating that my file was parsed by the JBoss server.

       

       

       

      Any help would be really appreciated, I'm kind of wasting so much time (almost 4 days entirely for this problem) without solving it.

       

       

       

      Thanks, and sorry if I made some language mistakes, I guess my english is not bad, but not perfect either

        • 1. Re: Realm configuration problems using DataSourceRealm
          Patrick Mingard Newbie

          Hi again,

           

          After a while on french forums, someone gave me a hint to resolve my problem. In fact, I did not really resolve it but changed completely to something similar. I post here for the case someone searching for the same answer falls on my topic.

           

          Here is the configuration of the WEB-INF/web.xml file (security part only) :

           

          <security-constraint>
            <display-name>Security constraint for Currency Manager</display-name>
            <web-resource-collection>
             <web-resource-name>Protected area</web-resource-name>
             <url-pattern>/servlet/CurrencyConverter</url-pattern>
            </web-resource-collection>
            <auth-constraint>
             <role-name>admin</role-name>
            </auth-constraint>
          </security-constraint>
          <login-config>
            <auth-method>FORM</auth-method>
            <realm-name>CurrencyManager</realm-name>
            <form-login-config>
             <form-login-page>/login.jsp</form-login-page>
             <form-error-page>/loginerror.jsp</form-error-page>
            </form-login-config>
          </login-config>
          <security-role>
            <role-name>admin</role-name>
          </security-role>

           

          Here is the WEB-INF/jboss-web.xml file I placed

           

          <jboss-web>
               <security-domain>java:/jaas/currencysecurity</security-domain>
          </jboss-web>

           

          Here is where it becomes really different, I did change the server\default\conf\login-config.xml file of my JBoss config. Just add a new application-policy with this configuration and I worked perfectly well for me.

           

          <application-policy name="currencysecurity"> 
              <authentication>
                  <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
                                   flag="required">
                      <module-option name="dsJndiName">java:/DefaultDS</module-option>
                      <module-option name="principalsQuery">  
                          select user_pass from users where user_name=?
                      </module-option>
                      <module-option name="rolesQuery">
                          select role_name,'Roles' from user_roles where user_name=?
                      </module-option>
                  </login-module>
              </authentication>
          </application-policy>

           

          Hope this will help someone some day

           

          Cya soon for new questions !