
    Additional Credentials in login-config.xml

    dblaisdell

      How can I configure login-config.xml to push additional credentials, such as a login index, into my context?

      <!-- Security domain "firsthealthinc": a database-backed login module followed by ClientLoginModule. -->
      <application-policy name="firsthealthinc">
       <authentication>
       <!-- Looks up the stored password and the roles for the supplied login through the java:/PostgresDS datasource. -->
       <!-- NOTE(review): no hashAlgorithm / hashEncoding option is set here, so the value returned by
            principalsQuery is presumably compared with the supplied password unhashed; confirm that
            tblemployee.password does not hold clear-text passwords. -->
       <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
       <module-option name="dsJndiName">java:/PostgresDS</module-option>
       <module-option name="principalsQuery">select password from tblemployee where login=? and inactive='f'</module-option>
       <module-option name="rolesQuery">
       select securityroles.role,rolegroup from tblemployeeroles
       inner join tblemployee on tblemployeeroles.employeeid=tblemployee.employeekey
       inner join securityroles on tblemployeeroles.role=securityroles.roleid
       where tblemployee.login=?
       </module-option>
       <!-- Callers that present no credentials are given the identity "guest" instead of being rejected.
            NOTE(review): confirm that "guest" maps to no privileged role in securityroles. -->
       <module-option name = "unauthenticatedIdentity">guest</module-option>
       </login-module>
      
       <!-- NOTE(review): ClientLoginModule performs no authentication of its own; it only propagates the
            caller identity to the invocation layer. Confirm it is needed in this server-side domain. -->
       <login-module code = "org.jboss.security.ClientLoginModule" flag = "required">
       </login-module>
      
       </authentication>
      
      </application-policy>
      


        • 1. Re: Additional Credentials in login-config.xml
          dblaisdell

          I was able to solve my own problem by writing a custom login module.

          The class below keeps track of my LoginIndex

          public final class LoginIndex implements Principal {
          
           final int loginindex;
          
           public LoginIndex(int login) {
           loginindex=login;
           }
          
          
           /**
           * @return Returns the loginindex.
           */
           public int getLoginindex() {
           return loginindex;
           }
          
          
           /* (non-Javadoc)
           * @see java.security.Principal#getName()
           */
           public String getName() {
           return "LoginIndex";
           }
          
           public String toString() {
           return "Login Index: " + loginindex;
           }
          }
          


          The custom module makes an additional database call based on a configurable query:
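          /**
           * DatabaseServerLoginModule that also attaches a {@link LoginIndex} principal to the
           * authenticated subject.
           *
           * <p>The index comes from the SQL statement in the {@code loginIndexQuery} module option,
           * executed without bound parameters against the datasource named by {@code dsJndiName}.
           *
           * <p>The principal is added in {@link #commit()}, not in {@code initialize}, so the query
           * runs (and the subject is modified) only after authentication has succeeded. A failed or
           * aborted login leaves no LoginIndex principal on the subject.
           */
          public class CustomDBServerLoginModule extends DatabaseServerLoginModule {

              /** SQL statement from the "loginIndexQuery" option; null when the option is absent. */
              private String loginIndexQuery;

              /** Principal added to the subject by this module, kept so it can be removed again. */
              private LoginIndex loginIndex;

              /**
               * Reads the module options. Nothing is queried and the subject is not touched here,
               * because the caller has not been authenticated yet at this point.
               */
              public void initialize(Subject subject, CallbackHandler callbackHandler,
                      Map sharedState, Map options) {
                  super.initialize(subject, callbackHandler, sharedState, options);
                  loginIndexQuery = (String) options.get("loginIndexQuery");
              }

              /**
               * Completes the login and, only when the superclass commit succeeded, attaches the
               * LoginIndex principal.
               *
               * @return the result of the superclass commit
               * @throws javax.security.auth.login.LoginException if the superclass commit fails
               */
              public boolean commit() throws javax.security.auth.login.LoginException {
                  boolean committed = super.commit();
                  if (committed) {
                      getLoginIndex();
                  }
                  return committed;
              }

              /**
               * Removes the LoginIndex principal when the overall login is aborted.
               *
               * @return the result of the superclass abort
               * @throws javax.security.auth.login.LoginException if the superclass abort fails
               */
              public boolean abort() throws javax.security.auth.login.LoginException {
                  removeLoginIndex();
                  return super.abort();
              }

              /**
               * Removes the LoginIndex principal on logout.
               *
               * @return the result of the superclass logout
               * @throws javax.security.auth.login.LoginException if the superclass logout fails
               */
              public boolean logout() throws javax.security.auth.login.LoginException {
                  removeLoginIndex();
                  return super.logout();
              }

              /**
               * Runs {@code loginIndexQuery} and adds the first column of the first row to the
               * subject as a {@link LoginIndex} principal.
               *
               * <p>Best effort: a missing option, a lookup failure or an SQL error is logged and
               * the login continues without the extra principal. JDBC resources are always closed.
               */
              protected void getLoginIndex() {
                  if (loginIndexQuery == null) {
                      log.warn("loginIndexQuery module option is not set; no LoginIndex principal added");
                      return;
                  }
                  Connection con = null;
                  PreparedStatement prepStmt = null;
                  ResultSet rs = null;
                  try {
                      InitialContext ic = new InitialContext();
                      DataSource ds = (DataSource) ic.lookup(this.dsJndiName);
                      con = ds.getConnection();
                      prepStmt = con.prepareStatement(loginIndexQuery);
                      rs = prepStmt.executeQuery();
                      if (rs.next()) {
                          loginIndex = new LoginIndex(rs.getInt(1));
                          subject.getPrincipals().add(loginIndex);
                          log.info(loginIndex);
                      }
                  } catch (SQLException e) {
                      // Goes to the server log with its stack trace instead of stderr.
                      log.error("loginIndexQuery failed; no LoginIndex principal added", e);
                  } catch (NamingException e) {
                      log.error("Datasource lookup failed; no LoginIndex principal added", e);
                  } finally {
                      // Close in reverse order of creation; a close failure must not mask the outcome.
                      if (rs != null) {
                          try {
                              rs.close();
                          } catch (SQLException ignored) {
                              // nothing useful can be done when close fails
                          }
                      }
                      if (prepStmt != null) {
                          try {
                              prepStmt.close();
                          } catch (SQLException ignored) {
                              // nothing useful can be done when close fails
                          }
                      }
                      if (con != null) {
                          try {
                              con.close();
                          } catch (SQLException ignored) {
                              // nothing useful can be done when close fails
                          }
                      }
                  }
              }

              /** Takes the principal added by this module off the subject, if it is still modifiable. */
              private void removeLoginIndex() {
                  if (loginIndex != null) {
                      if (subject != null && !subject.isReadOnly()) {
                          subject.getPrincipals().remove(loginIndex);
                      }
                      loginIndex = null;
                  }
              }
          }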
          


          And finally the login-config.xml file glues it all together.
          <!-- Security domain "firsthealthinc": the custom database login module followed by ClientLoginModule. -->
          <application-policy name="firsthealthinc">
           <authentication>
           <!-- CustomDBServerLoginModule takes the same options as the stock database module plus loginIndexQuery. -->
           <!-- NOTE(review): no hashAlgorithm / hashEncoding option is set here, so the value returned by
                principalsQuery is presumably compared with the supplied password unhashed; confirm that
                tblemployee.password does not hold clear-text passwords. -->
           <login-module code="com.firsthealthinc.security.CustomDBServerLoginModule" flag="required">
           <module-option name="dsJndiName">java:/PostgresDS</module-option>
           <module-option name="principalsQuery">select password from tblemployee where login=? and inactive='f'</module-option>
           <module-option name="rolesQuery">
           select securityroles.role,rolegroup from tblemployeeroles
           inner join tblemployee on tblemployeeroles.employeeid=tblemployee.employeekey
           inner join securityroles on tblemployeeroles.role=securityroles.roleid
           where tblemployee.login=?
           </module-option>
           <!-- Callers that present no credentials are given the identity "guest" instead of being rejected.
                NOTE(review): confirm that "guest" maps to no privileged role in securityroles. -->
           <module-option name = "unauthenticatedIdentity">guest</module-option>
           <!-- Executed by the custom module with no bound parameters; nextval advances
                employeelogin_seq every time the module runs this statement. -->
           <module-option name = "loginIndexQuery">select nextval('employeelogin_seq')</module-option>
           </login-module>
          
           <!-- NOTE(review): ClientLoginModule performs no authentication of its own; it only propagates the
                caller identity to the invocation layer. Confirm it is needed in this server-side domain. -->
           <login-module code = "org.jboss.security.ClientLoginModule" flag = "required">
           </login-module>
          
           </authentication>
          
          </application-policy>