2 Replies Latest reply on Sep 6, 2012 8:58 PM by Felix Roske

    How do I reference to a security-domain

    Felix Roske Newbie

      Hello JBoss-Users,

       

      I'm new in this community and hop that this is the correct place to post this question.

       

      I want to use a database to perform user-authentication.

      I configured in web.xml :

       

        <login-config>

          <auth-method>FORM</auth-method>

          <realm-name>FxRichFacesTest</realm-name>

          <form-login-config>

            <form-login-page>/faces/login.xhtml</form-login-page>

            <form-error-page>/faces/loginerror.xhtml</form-error-page>

          </form-login-config>

        </login-config>

       

        <security-constraint>

          <web-resource-collection>

            <web-resource-name>FxRichFacesTest</web-resource-name>

            <url-pattern>/faces/user/*</url-pattern>

            <http-method>GET</http-method>

            <http-method>POST</http-method>

          </web-resource-collection>

          <auth-constraint>

            <role-name>user</role-name>

          </auth-constraint>

        </security-constraint>

       

      And in standalone.xml:

       

                     <security-domain name="FxRichFacesTest">

                          <authentication>

                              <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">

                                  <module-option name="dsJndiName" value="java:jboss/datasources/jbossDS"/>

                                  <module-option name="principalsQuery" value="select passwd from users where username=?"/>

                                  <module-option name="rolesQuery" value="select userroles,'Roles' from userroles where username=?"/>

                                  <module-option name="hashAlgorithm" value="MD5"/>

                                  <module-option name="hashEncoding" value="base64"/>

                              </login-module>

                          </authentication>

                      </security-domain>

       

      But the subsystem doesn't check my database...

      In the log I see that it tries to check to the predefined security-domain named "other"...

      How do I connect my security-domain with my security-constraint?

      In every use-case I googled I do not see any difference to my configuration... Where is my mistake?

       

      Thank you very much,

      Felix