2 Replies Latest reply on Jan 24, 2002 11:47 AM by Roman

    Weirdness with DatabaseServerLoginModule - Please Help Secur

    N Newbie

      Running JBoss-2.4.4_Tomcat-4.0.1.

      I'm trying to do BASIC auth. Originally I configured JBoss and my web app to use the UsersRolesLoginModule
      and everything worked fine. Once I configured it to use the DatabaseServerLoginModule it didn't work.
      I'm completely baffled and would appreciate anyone's help.
      In my auth.conf file I have:

      jdbcRealm {
      org.jboss.security.auth.spi.DatabaseServerLoginModule required
      dsJndiName="java:/MyDataSource"
      principalsQuery="select password from PRINCIPALS where principal_id=?"
      rolesQuery="select role, role_group from ROLES where principal_id=?";
      };

      I can run each one of these SQL statements manually and they run fine. So, I know my statements are
      correct and my data is correct.
      Now I link to this through my jboss-web.xml that has it listed as this:

      <jboss-web>
      <security-domain>java:/jaas/jdbcRealm</security-domain>
      </jboss-web>

      I get the box pop-up when accessing my web app through the browser and I enter the correct
      user name and password but it never accepts it. Looking through the trace statements in the log
      and the source code for DatabaseServerLoginModule, it looks like the user name and password that
      I enter into the pop-up never reaches my SecurityManager and therefore remains null. I'm confident that I
      have everything set up correctly but this behavior has got me baffled.
      By the way, when I ran Scott Starks example2 with the DatabaseServerLoginModule, I got
      the exact same behavior as I'm getting now. It didn't work.

      Server.log below:
      [15:53:57,003,JaasSecurityManagerService] Created securityMgr=org.jboss.security.plugins.JaasSecurityManager@74a6e2
      [15:53:57,003,JaasSecurityManagerService] setCachePolicy, c=org.jboss.util.TimedCachePolicy@69113
      [15:53:57,003,jdbcRealm] CachePolicy set to: org.jboss.util.TimedCachePolicy@69113
      [15:53:57,003,JaasSecurityManagerService] Added jdbcRealm, org.jboss.security.plugins.SecurityDomainContext@1e8c34 to map
      [15:53:57,143,DatabaseServerLoginModule] initialize
      [15:53:57,143,DatabaseServerLoginModule] DatabaseServerLoginModule, dsJndiName=java:/MyDataSource
      [15:53:57,153,DatabaseServerLoginModule] principalsQuery=select password from PRINCIPALS where principal_id=?
      [15:53:57,153,DatabaseServerLoginModule] rolesQuery=select role, role_group from ROLES where principal_id=?
      [15:53:57,153,DatabaseServerLoginModule] login
      [15:53:57,153,DatabaseServerLoginModule] Authenticating as unauthenticatedIdentity=null
      [15:53:57,253,DatabaseServerLoginModule] abort
      [15:54:13,337,DatabaseServerLoginModule] initialize
      [15:54:13,337,DatabaseServerLoginModule] DatabaseServerLoginModule, dsJndiName=java:/MyDataSource
      [15:54:13,337,DatabaseServerLoginModule] principalsQuery=select password from PRINCIPALS where principal_id=?
      [15:54:13,337,DatabaseServerLoginModule] rolesQuery=select role, role_group from ROLES where principal_id=?
      [15:54:13,337,DatabaseServerLoginModule] login
      [15:54:13,347,DatabaseServerLoginModule] abort
      [15:54:13,367,jdbcRealm] Login failure
      javax.security.auth.login.FailedLoginException: No matching username found in Principals
      at org.jboss.security.auth.spi.DatabaseServerLoginModule.getUsersPassword(DatabaseServerLoginModule.java:97)
      at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:145)

      Thanks for your help.