1 Reply Latest reply on Apr 22, 2005 7:55 PM by Jorge Perez

    RE: step by step JASS on JBOSS how to issue...

    Jorge Perez Newbie

      I did follow the "Complate configuration of Jass on Jboss" http://www.javaworld.com/javaforums/showthreaded.php?Cat=&Board=JavaSecurity&Number=17048&page=&view=&sb=5&o=&vc=1
      And after configuring everything as follows:

      login-config.xml :
      <application-policy name="PgDbRealm">

      <login-module code="org.jboss.security.ClientLoginModule" flag="required">
      </login-module>
      <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
      <module-option name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=naturaDS</module-option>
      <module-option name="dsJndiName">java:/naturaDS</module-option>
      <module-option name="principalsQuery">Select password from usuarios where idusuario =?</module-option>
      <module-option name="rolesQuery">Select R.role AS Roles, G.descripcion AS RoleGroups from gruposusuarios GU,roles R, grupos G where idusuario =? AND GU.idrole=R.idrole AND GU.idgrupo=G.idgrupo</module-option>
      </login-module>

      </application-policy>

      jboss-web.xml:

      <security-domain>java:/jaas/PgDbRealm</security-domain>

      web.xml :

      <security-constraint>
      <web-resource-collection>
      <web-resource-name>protected-resources</web-resource-name>
      <url-pattern>/distribuidores/*</url-pattern>
      <http-method>HEAD</http-method>
      <http-method>GET</http-method>
      </web-resource-collection>
      <auth-constraint>
      <role-name>SUPERUSUARIO</role-name>
      </auth-constraint>
      </security-constraint>
      <login-config>
      <auth-method>FORM</auth-method>
      <form-login-config>
      <form-login-page>/login.jsp</form-login-page>
      <form-error-page>/login.jsp</form-error-page>
      </form-login-config>
      </login-config>
      <security-role>
      The SUPERUSUARIO role
      <role-name>SUPERUSUARIO</role-name>
      </security-role>



      \jboss-4.0.1sp1\server\default\conf\auth.conf :

      // The JBoss server side JAAS login config file for the examples

      client-login
      {
      org.jboss.security.ClientLoginModule required;
      };
      PgDbRealm
      {
      org.jboss.security.ClientLoginModule required;
      org.jboss.security.auth.spi.UsersRolesLoginModule required;
      org.jboss.security.auth.spi.DatabaseServerLoginModule
      required
      dsJndiName="java:/naturaDS"
      principalsQuery="Select password from usuarios where idusuario =?"
      rolesQuery="Select R.role AS Roles, G.descripcion AS RoleGroups from gruposusuarios GU,roles R, grupos G where idusuario =? AND GU.idrole=R.idrole AND GU.idgrupo=G.idgrupo"
      ;
      };

      \jboss-4.0.1sp1\client\auth.conf :

      client-login
      {
      org.jboss.security.ClientLoginModule required;
      };
      PgDbRealm
      {
      org.jboss.security.ClientLoginModule required;
      org.jboss.security.auth.spi.DatabaseServerLoginModule required;
      };



      my LogginCheckAction :

      Principal userPrincipal =null;
      try {
      String username=request.getParameter("j_username");
      String password=request.getParameter("j_password");
      System.out.println("intentare logueo-----------------");
      System.out.println("password = " + password);
      System.out.println("username = " + username);
      SecurityAssociationHandler handler = new SecurityAssociationHandler();
      userPrincipal= new SimplePrincipal(username);
      handler.setSecurityInfo(userPrincipal, password.toCharArray());
      LoginContext loginContext = new LoginContext("PgDbRealm",(CallbackHandler) handler);
      loginContext.login();
      HttpSession session = request.getSession(true);
      session.setAttribute("Login_Context",loginContext);

      Subject subject = loginContext.getSubject();
      Set principals = subject.getPrincipals();
      principals.add(userPrincipal);
      } catch (LoginException e) {
      errors.add("loginerror", new ActionError("Wrong Username or Password"));
      saveErrors(request, errors);
      e.printStackTrace();
      return mapping.findForward("fail");
      }
      System.out.println("logged in successfully-----------------"+userPrincipal); //I do reach this line



      login.jsp:

      <FORM name="logonForm" action="<%=request.getContextPath()%>/login.do" METHOD=POST>









      Every thing seams to be just fine but...
      when i ask for a resource under the /distribuidores url-pattern i'am
      asked to login and I do so and i'am "successfully" logged in but
      when I try to enter under /distribuidores I'am asked to loggin
      again when I did it just a few seconds before.

      any Idea ?

      regards...