1 Reply Latest reply on Feb 20, 2004 12:02 AM by Adrian Brock

    Please help! Problems configuring authentication.

    nerotnt Newbie

      I'm using JBoss 3.2.3.
      I've put myapp-ds.xml in the "deploy" directory:

      <?xml version="1.0" encoding="UTF-8"?>
      
      <datasources>
       <local-tx-datasource>
       <depends>jboss:service=Hypersonic</depends>
       <jndi-name>myappDS</jndi-name>
       <connection-url>jdbc:hsqldb:hsql://localhost:1701</connection-url>
       <driver-class>org.hsqldb.jdbcDriver</driver-class>
       <min-pool-size>5</min-pool-size>
       <security-domain>myapp</security-domain>
       </local-tx-datasource>
      </datasources>
      


      I've configured login-conf.xml by adding the following:
      <application-policy name = "myapp">
       <authentication>
       <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
       <module-option name = "dsJndiName">java:/myappDS</module-option>
       <module-option name = "principalsQuery">
       select password from users where id=?
       </module-option>
       <module-option name = "rolesQuery">
       select role, null
       from memberships m
       where m.user_ = ?
       and m.group_ = 'xpto'
       </module-option>
       </login-module>
       </authentication>
       </application-policy>
      


      In my web.xml I've added:
      <security-constraint>
       <web-resource-collection>
       <web-resource-name>user authentication</web-resource-name>
       <url-pattern>*.do</url-pattern>
       <url-pattern>*.jsp</url-pattern>
       <http-method>POST</http-method>
       <http-method>GET</http-method>
       </web-resource-collection>
       <auth-constraint>
       <role-name>user</role-name>
       </auth-constraint>
       <user-data-constraint>
       <transport-guarantee>NONE</transport-guarantee>
       </user-data-constraint>
      </security-constraint>
      
      <login-config>
       <auth-method>FORM</auth-method>
       <realm-name>xpto</realm-name>
       <form-login-config>
       <form-login-page>/login.jsp</form-login-page>
       <form-error-page>/loginError.jsp</form-error-page>
       </form-login-config>
      </login-config>
      


      In my jboss-web.xml I have:
      <jboss-web>
       <security-domain>java:/jaas/myapp</security-domain>
      </jboss-web>
      


      When I enter my webapp, I get redirected correctly to the login.jsp but every time I authenticate, I always get redirected to the loginError.jsp even if I put a correct password.

      Please help! Don't know where look anymore.