0 Replies Latest reply on May 5, 2004 11:46 AM by nikhilkumar

    Desparate Help!- Login config using database - JBOSS

    nikhilkumar Newbie

      I am trying to implement form-based authentication in a JBOSS 3.2.3/ Embedded Tomcat/ Firebird database environment. I have tested that I can login into Firebird using isql for the user id/ password combination that I have. It seems to go past any jdbc connection errors (no stack/ failures). However, Tomcat chokes with a "HTTP Status 403 - Access to the requested resource has been denied" message.
      My login-config.xml has the following entries:

      <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
      flag="required">
      <module-option name="dsJndiName">java:/IAL-AUTH-DS</module-option>
      <module-option name="principalsQuery">select pr_password from principals where principal_id=?</module-option>
      <module-option name="rolesQuery">select user_role, role_group from roles where principal_id=?</module-option>
      </login-module>


      My firebird..-xa-ds.xml has


      <connection-factories>

      <tx-connection-factory>
      <jndi-name>IAL-AUTH-DS</jndi-name>
      <xa-transaction/>
      <adapter-display-name>Firebird Database Connector</adapter-display-name>
      <config-property name="Database" type="java.lang.String">localhost/3050:/home2/niprdev/db/niprdev_auth.GDB</config-property>
      <user-name>test</user-name>
      test
      <!--additional properties. only use one way of setting tx isolation, please
      <config-property name="TransactionIsolation"></config-property>
      <config-property name="TransactionIsolationName">TRANSACTION_READ_COMMITTED</config-property>
      <config-property name="BlobBufferLength"></config-property>
      <config-property name="Encoding">UNICODE_FSS</config-property>
      -->
      <min-pool-size>0</min-pool-size>
      <max-pool-size>50</max-pool-size>
      </tx-connection-factory>

      </connection-factories>
      My web.xml has:

      <security-constraint>
      <web-resource-collection>
      <web-resource-name>Restricted</web-resource-name>
      Declarative security
      <url-pattern>*.jsp</url-pattern>
      <http-method>GET</http-method>
      <http-method>POST</http-method>
      </web-resource-collection>
      <auth-constraint>
      <role-name>ial</role-name>
      </auth-constraint>
      <user-data-constraint>
      No descrp
      <transport-guarantee>NONE</transport-guarantee>
      </user-data-constraint>

      </security-constraint>

      <login-config>
      <auth-method>FORM</auth-method>
      <realm-name>ial</realm-name>
      <form-login-config>
      <form-login-page>/login.jsp</form-login-page>
      <form-error-page>/error.htm</form-error-page>
      </form-login-config>
      </login-config>
      <security-role>
      <role-name>ial</role-name>
      </security-role>

      My jboss-web.xml defines the application security domain JNDI namespace as:
      <jboss-web>

      <context-root>/ial/web-app</context-root>
      <!-- Uncomment this element to add security for the application -->
      <security-domain>java:/jaas/ial</security-domain>

      </jboss-web>

      I cant see why it does not connect completely. There is no JDBC error thrown.

      Also, why does it route me to an access denied rather than the login error page? I am using the DatabaseServerLoginModule, so I dont think I need a custom login servlet other than j_securitycheck.

      Any suggestions? Help!