0 Replies Latest reply on Oct 9, 2003 1:03 PM by francesco milesi

    Database server module and form login problem

    francesco milesi Newbie

      I have problems logging into my web-app using form login authentication under jboss-3.2.1_tomcat-4.1.24.

      here is my configuration

      1. in login-config.xml I put

      <application-policy name = "NeutworkDomain">

      <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
      flag = "required">
      <module-option name = "dsJndiName">java:/ds/neutwork</module-option>
      <module-option name = "principalsQuery">SELECT password FROM dbo.Users WHERE userName=?</module-option>
      <module-option name = "rolesQuery">SELECT theGroup, 'roles' FROM dbo.Users WHERE userName=?</module-option>
      <!--module-option name = "unauthenticatedIdentity">guest</module-option-->
      </login-module>
      <login-module code = "org.jboss.security.ClientLoginModule" flag = "required"/>

      </application-policy>

      note that the datasource works correctly


      2. my jboss-web.xml is like this

      <jboss-web>
      <security-domain>java:/jaas/NeutworkDomain</security-domain>
      </jboss-web>



      3. my web.xml is like this
      <web-app>


      <taglib-uri>/taglib.tld</taglib-uri>
      <taglib-location>taglib.tld</taglib-location>



      <taglib-uri>/wmltaglib.tld</taglib-uri>
      <taglib-location>wmltaglib.tld</taglib-location>


      <security-constraint>
      <web-resource-collection>
      <web-resource-name>Sample Application</web-resource-name>
      Require users to authenticate
      <url-pattern>*.jsp</url-pattern>
      <http-method>POST</http-method>
      <http-method>GET</http-method>
      </web-resource-collection>
      <auth-constraint>
      Only allow users role
      <role-name>users</role-name>
      </auth-constraint>
      <user-data-constraint>
      Encryption is not required for the application in general.

      <transport-guarantee>NONE</transport-guarantee>
      </user-data-constraint>
      </security-constraint>
      <login-config>
      <auth-method>FORM</auth-method>
      <form-login-config>
      <form-login-page>/login.jsp</form-login-page>
      <form-error-page>/login_error.html</form-error-page>
      </form-login-config>
      </login-config>
      <security-role>
      <role-name>users</role-name>
      </security-role>

      </web-app>



      4. my login page is




      Username:


      Password:









      The authentication form appears correctly with the session id set in the URL, but if authenticate with
      an existing user/password I get the following error


      HTTP Status 403 - Access to the requested resource has been denied

      message Access to the requested resource has been denied

      description Access to the specified resource (Access to the requested resource has been denied) has been forbidden.


      and nothing is reported in jboss logs.
      If I login with a wrong user or wrong password I am redirected to the error page and get the following
      errors in the logs:

      WRONG USER:
      javax.security.auth.login.FailedLoginException: No matching username found in Principals

      WRONG PASSWORD:
      javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required

      It seems that jboss finds the user and password, but I cannot login anyway...
      If I stop the dbms I gets errors showing that database server security module is correctly called by the login procedure and seems to work.
      Why can't I authenticate ?




      The last two remarks:
      1. when I deploy the application I get the following error

      javax.management.InstanceAlreadyExistsException: jboss.management.local:J2EEServer=Local,j2eeType=J2EEApplication,name=Neutwork.ear already registered.
      at org.jboss.mx.server.registry.BasicMBeanRegistry.add(BasicMBeanRegistry.java:617)
      at org.jboss.mx.server.registry.BasicMBeanRegistry.registerMBean(BasicMBeanRegistry.java:198)
      at sun.reflect.GeneratedMethodAccessor2.invoke(Unknown Source)

      I don't know if this has something to do with my problem and where this last one comes from and how I can solve it.

      2. if I switch to BASIC login I have the same problem.


      thanks in advance and sorry for beeing long ;-)


      ciao francesco