1 Reply Latest reply on May 5, 2004 9:34 PM by nikhilkumar

    Help! Form-based authentication issue

    nikhilkumar Newbie

      I have been trying to implement form-based authentication. The platform is JBOSS 3.2.3 on Windows XP Home edition. I am seeking help -- suggestions, debug recommendations, or, if I have overlooked the obvious!

      1. My expectations:

      I expect that when I access a restricted resource I will be sent to the Login.jsp. If I correctly fill in the UserID and password, I will be routed to the restricted resource. If the login fails, I will be routed to the Error.htm.

      2. What happens:
      I am routed to the Login.jsp (correct) but the login always routes me to the Error.htm page.

      The current setup:

      1. login-conf (located in\jboss\jboss-3.2.3\server\default\conf)

      <!-- A template configuration for the AES ial web application. This
      defaults to the UsersRolesLoginModule the same as other and should be
      changed to a stronger authentication mechanism as required.
      <application-policy name = "ial">

      <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
      flag = "required" />


      2. The web.xml (located in the WAR location of ial\web\WEB-INF)


      - Deployment descriptor for an authenticated
      - section of the web site.
      Declarative security
      No descrp




      3. The jboss-web.xml (same location as web.xml)

      <!-- Uncomment this element to add security for the application -->

      4. The application.xml located in ial\META-INF

      5. The jboss-app.xmllocated in ial\META-INF
      <jboss-app />
      6. The user.properties and the roles.properties files contents respectively (located in jboss\jboss-3.2.3\server\default\conf)
      # A roles.properties file for use with the UsersRolesLoginModule
      # Format is
      # username=role1,role2,role3
      # users.properties file for use with the UsersRolesLoginModule
      # Format is:
      # username=password