2 Replies Latest reply on Apr 2, 2002 11:54 AM by Daniel Williams

    web app secured resource always not available using Database

    Ron Stockton Newbie

      Jboss2.4.4.Tomcat4.0.1

      I am trying to secure a resource directory in my web-app using DatabaseServerLoginModule in auth.conf.

      It appears that the user gets authenticated but I thing the role is not.

      Access to the resource is always denied. If I remove the >

      <web-resource-name>SecurePages</web-resource-name>
      Security constraint for resources
      <url-pattern>/secure/*</url-pattern>
      <http-method>GET</http-method>
      <http-method>POST</http-method>
      </web-resource-collection>

      the page is displayed properly.


      I'm a little confused about the security domain entry in jboss-web.xml.

      <jboss-web>
      <security-domain>java:/jaas/TRPSECURITY</security-domain>

      <resource-ref>
      <res-ref-name>jdbc/OracleDB</res-ref-name>
      <res-type>javax.sql.DataSource</res-type>
      <jndi-name>java:/OracleDB</jndi-name>
      </resource-ref>
      </jboss-web>


      TRPSECURITY matches the name in auth.xml for the module

      Also the datasource doesn't get returned on my lookup.


      I would appreciate knowing if anyone else has role based security or datasources working in this version