resource (/j_security_check) is not available.
haobaba1 Oct 5, 2004 9:46 AMHello I have been plugging away at this for a while now and can't seem to figure out where I have gone wrong. I am trying to use the DatabaseLoginModule with form based authentication. No matter what I enter into the username and password fields I get the above message and no errors of any sort in my logs. Please help my config files are below. I can see in the startup logs that the domain tatrackerRealm is created, but this is the only indication that anything is working.
web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.4"
xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<servlet-name>Controller</servlet-name>
<servlet-class>anteon.rk.frameworks.gato.Controller</servlet-class>
<servlet-mapping>
<servlet-name>Controller</servlet-name>
<url-pattern>*.gato</url-pattern>
</servlet-mapping>
<security-role><role-name>Admin</role-name></security-role>
<security-role><role-name>TALiaison</role-name></security-role>
<security-role><role-name>CCB</role-name></security-role>
<security-constraint>
<web-resource-collection>
<web-resource-name>GatoController</web-resource-name>
Web application gateway servlet
<url-pattern>*.gato</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>DELETE</http-method>
<http-method>HEAD</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>Admin</role-name>
<role-name>TALiaison</role-name>
<role-name>CCB</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>AllCompiledPages</web-resource-name>
All jsp pages
<url-pattern>/site/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>DELETE</http-method>
<http-method>HEAD</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>Admin</role-name>
<role-name>TALiaison</role-name>
<role-name>CCB</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>HomePage</web-resource-name>
Home Page
<url-pattern>/index.jsp</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>DELETE</http-method>
<http-method>HEAD</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>Admin</role-name>
<role-name>TALiaison</role-name>
<role-name>CCB</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>java:jaas/tatrackerRealm</realm-name>
<form-login-config>
<form-login-page>/Welcome.jsp</form-login-page>
<form-error-page>/Error.jsp</form-error-page>
</form-login-config>
</login-config>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
<ejb-ref>
<ejb-ref-name>ejb/QueryStore</ejb-ref-name>
<ejb-ref-type>Session</ejb-ref-type>
anteon.rk.ccarc.tatracker.interfaces.QueryStoreHome
anteon.rk.ccarc.tatracker.interfaces.QueryStore
<ejb-link>GatoEJB.jar#QueryStore</ejb-link>
</ejb-ref>
</web-app>
********************************************
jboss-web.xml:
<jboss-web>
<!-- Uncomment the security-domain to enable security. You will
need to edit the htmladaptor login configuration to setup the
login modules used to authentication users.
-->
<security-domain>java:jaas/tatrackerRealm</security-domain>
<unauthenticated-principal>Unknown</unauthenticated-principal>
</jboss-web>
[question] where do I do edit the "htmladaptor login configuration" and what is that?
*********************************************************
login-conf.xml:: application policy for desired domain/realm
<application-policy name = "tatrackerRealm">
<login-module code="org.jboss.security.ClientLoginModule" flag="required"/>
<login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag = "required">
<module-option name = "unauthenticatedIdentity">Unknown</module-option>
<module-option name = "dsJndiName">java:/TaTrac2DS</module-option>
<module-option name = "principalsQuery">SELECT PASSWORD FROM CONTACT WHERE USERNAME=?</module-option>
<module-option name = "rolesQuery">SELECT C.USERNAME, R.ROLE FROM ROLES AS R, CONTACT AS C, ROLEMAP AS M WHERE C.USERNAME = ? AND C.GROUPID = M.GROUPID AND M.ROLEID = R.ROLEID </module-option>
<!-- <module-option name = "hashAlgorithm">SHA</module-option>
<module-option name = "hashEncoding">base64</module-option>
<module-option name = "hashCharset">UTF-8</module-option> -->
</login-module>
</application-policy>