I get a similiar error when trying to use basic auth. I'm sure I'm not specifying the security domain in jboss-web.xml properly. How did you do it for basic ? Also, do we have to implement the login ourselves in a servlet ? Surely jboss should do this for us thru j_security_check ?
Your login-config section in the web.xml should look similar to this:
And in the login.jsp page the action of the form should be set to "j_security_check". The name of the input field containing the name should be j_username and the field of the password should be j_password.
Jboss handles the calls the DatabaseServerLoginModule for you.
Thanks for your answer, I also tried that, but with no luck.
My web.xml looks like this:
The jsp login page calls j_security_check with j_username and j_password, but no matter what login I use (correct or incorrect) the login_failed.jsp page gets displayed.
On the server it says (using incorrect credentials)
18:44:15,368 WARN [JBossUserRealm#testDB] authentication failure: xxx
When I use a correct username and password, just
18:44:16,259 INFO [Jetty] JSP: init
is displayed and the login_failed.jsp in the browser.
Does anyone have an explanation for this.
Thanks a lot.
I have had it running like sharkman describes it for a while now on jBoss3.01RC1, but i recently changed to jBoss3.0.1 and now my login jsp page is just rendered blank. What jBoss version are you guys on?
Are there typos in your policy?
(1) Select passwd from Users username where username=?
--> why put a username after Users? is it an alias?
(2) Select userRoles, 'Roles' from ...
--> why single quoted Roles?
(3) <module-option name = "dsJndiMName">
--> should it be dsJndiName? you put an extra M in the middle.
In addition, I think Role shoulds be the first selected field and RoleGroup the next.
Here is my policy and it works:
<application-policy name = "farglory">
<login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required">
<module-option name = "dsJndiName">java:/TaiwuDS</module-option>
<module-option name = "principalsQuery">select Password from JAASPrincipal where PrincipalID=?</module-option>
<module-option name = "rolesQuery">select Role, RoleGroup from JAASRole where PrincipalID=?</module-option>
Thank you very much for your answers. I will try this.