1 Reply Latest reply on Jul 31, 2002 8:01 AM by Jussi Pöri

    DatabaseServerLoginModule failed ??

    Eric Chow Apprentice

      Hello,

      Failed to use DatabaseServerLoginModule in JBoss3/Jetty.

      My configuration is as following:

      login-config.xml
      ===============================
      <application-policy name = "testadmin">

      <login-module
      code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required"/>
      <module-option name="dsJndiName">java:/MySqlDS
      </module-option>
      <module-option name="principalsQuery">
      SELECT password FROM RealmUser WHERE username=?
      </module-option>
      <module-option name="rolesQuery">
      SELECT userrole, rolegroup FROM RealmUserRoles WHERE username=?
      </module-option>
      <module-option name="unauthenticatedIdentity">
      guest
      </module-option>

      </application-policy>




      jboss-web.xml
      ==============
      <!DOCTYPE jboss-web
      PUBLIC "-//JBoss//DTD Web Application 2.3//EN"
      "http://www.jboss.org/j2ee/dtd/jboss-web_3_0.dtd">

      <jboss-web>
      <context-root>/test</context-root>
      <security-domain>java:/jaas/testadmin</security-domain>
      </jboss-web>



      web.xml
      ===============
      <security-constraint>
      <display-name>Example Security Constraint</display-name>
      <web-resource-collection>
      <web-resource-name>Protected Area</web-resource-name>
      <!-- Define the context-relative URL(s) to be protected -->
      <url-pattern>/*</url-pattern>
      <!-- If you list http methods, only those methods are protected -->
      <http-method>DELETE</http-method>
      <http-method>GET</http-method>
      <http-method>POST</http-method>
      <http-method>PUT</http-method>
      </web-resource-collection>

      <auth-constraint>
      <!-- Anyone with one of the listed roles may access this area -->
      <role-name>admin</role-name>
      <role-name>manager</role-name>
      </auth-constraint>
      </security-constraint>

      <!-- Default login configuration uses form-based authentication -->

      <login-config>
      <auth-method>FORM</auth-method>
      <realm-name>testadmin</realm-name>
      <form-login-config>
      <form-login-page>/login.html</form-login-page>
      <form-error-page>/error.html</form-error-page>
      </form-login-config>
      </login-config>



      When tried to login, the following exception displayed:
      =========================================================
      2002-07-31 10:44:17,660 ERROR [org.jboss.security.auth.spi.DatabaseServerLoginModule] Query failed
      java.sql.SQLException: Table not found: PRINCIPALS in statement [select Password from Principals where PrincipalID='test']
      at org.hsqldb.Trace.getError(Trace.java:180)
      at org.hsqldb.Result.(Result.java:175)
      at org.hsqldb.jdbcConnection.executeHSQL(jdbcConnection.java:907)
      at org.hsqldb.jdbcConnection.execute(jdbcConnection.java:718)
      at org.hsqldb.jdbcStatement.fetchResult(jdbcStatement.java:686)
      at org.hsqldb.jdbcStatement.executeQuery(jdbcStatement.java:68)
      at org.hsqldb.jdbcPreparedStatement.executeQuery(jdbcPreparedStatement.java:133)
      at org.jboss.resource.adapter.jdbc.local.LocalPreparedStatement.executeQuery(LocalPreparedStatement.java:289)
      at org.jboss.security.auth.spi.DatabaseServerLoginModule.getUsersPassword(DatabaseServerLoginModule.java:100)
      at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:142)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:324)
      at javax.security.auth.login.LoginContext.invoke(LoginContext.java:664)
      at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
      at javax.security.auth.login.LoginContext$4.run(LoginContext.java:599)
      at java.security.AccessController.doPrivileged(Native Method)
      at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:596)
      at javax.security.auth.login.LoginContext.login(LoginContext.java:523)
      at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:381)
      at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:347)
      at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:215)
      at org.jboss.jetty.security.JBossUserRealm$JBossUserPrincipal.isAuthenticated(JBossUserRealm.java:72)
      at org.jboss.jetty.security.JBossUserRealm$JBossUserPrincipal.authenticate(JBossUserRealm.java:133)
      at org.jboss.jetty.security.JBossUserRealm.authenticate(JBossUserRealm.java:232)
      at org.mortbay.jetty.servlet.ServletHandler.authenticated(ServletHandler.java:802)
      at org.mortbay.http.SecurityConstraint.check(SecurityConstraint.java:297)
      at org.mortbay.http.handler.SecurityHandler.handle(SecurityHandler.java:302)
      at org.mortbay.http.HttpContext.handle(HttpContext.java:1387)
      at org.mortbay.http.HttpContext.handle(HttpContext.java:1326)
      at org.mortbay.http.HttpServer.service(HttpServer.java:757)
      at org.jboss.jetty.Jetty.service(Jetty.java:527)
      at org.mortbay.http.HttpConnection.service(HttpConnection.java:742)
      at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:915)
      at org.mortbay.http.HttpConnection.handle(HttpConnection.java:757)
      at org.mortbay.http.SocketListener.handleConnection(SocketListener.java:151)
      at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:287)
      at org.mortbay.util.ThreadPool$JobRunner.run(ThreadPool.java:715)
      at java.lang.Thread.run(Thread.java:536)
      2002-07-31 10:44:17,770 DEBUG [org.jboss.security.plugins.JaasSecurityManager.testadmin] Login failure




      JBoss seems not follow my SQL query to get the password and roles, and also, I specify a Datasource to MySQL, but it use HSQL.


      Please help.

      Best regards,
      Eric


        • 1. Re: DatabaseServerLoginModule failed ??
          Jussi Pöri Newbie

          My login-conf is little different. check your <login-module>!

          -jussi

          ===========
          <application-policy name="domain">

          <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
          <module-option name="dsJndiName">java:/DBPOOL</module-option>
          <module-option name="principalsQuery">select PASSWD from USERS where USERNAME=?</module-option>
          <module-option name="rolesQuery">select ROLE,ROLEGROUP from ROLES where USERNAME=?</module-option>
          <module-option name="unauthenticatedIdentity">nobody</module-option>
          </login-module>

          </application-policy>