0 Replies Latest reply on Sep 18, 2005 1:48 PM by Aaron

    Simple DB Authentication?

    Aaron Novice

      Can someone help me out with a trivial DB Login? I'm just now getting into the JAAS of things (if you pardon the pun), and am having difficulty authenticating to a MySQL Database.

      I authenticate correctly, as you can see in these logs. And I get assigned the correct roles:

      2005-09-18 13:37:39,962 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] User 'apaxson' authenticated, loginOk=true
      2005-09-18 13:37:39,962 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] commit, loginOk=true
      2005-09-18 13:37:39,972 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Assign user to role TechDesk-Admin
      2005-09-18 13:37:39,972 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Assign user to role JBoss-JMX-Admin
      


      Specifically, take note that I was assigned the role "JBoss-JMX-Admin". You can see from the following logs, that it cannot see that I have that role:

      2005-09-18 13:37:39,993 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Authenticated 'apaxson' with type 'BASIC'
      2005-09-18 13:37:39,993 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Calling accessControl()
      2005-09-18 13:37:39,993 DEBUG [org.apache.catalina.realm.RealmBase] Checking roles GenericPrincipal[apaxson()]
      2005-09-18 13:37:39,993 DEBUG [org.apache.catalina.realm.RealmBase] Username apaxson does NOT have role JBoss-JMX-Admin
      2005-09-18 13:37:39,993 DEBUG [org.apache.catalina.realm.RealmBase] No role found: JBoss-JMX-Admin
      2005-09-18 13:37:39,993 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Failed accessControl() test
      


      I'm sure it's something very simple. I just created a quick DB for learning the authentication process. Can someone give me a hand?

      Here's my login-config.xml

      <application-policy name = "DefAuth">
       <authentication>
       <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
       flag = "required">
       <module-option name = "unauthenticatedIdentity">guest</module-option>
       <module-option name = "dsJndiName">java:/UserAuthDB</module-option>
       <module-option name = "principalsQuery">SELECT password FROM principles WHERE PrincipleID=?</module-option>
       <module-option name = "rolesQuery">SELECT Role, RoleGroup FROM ROLES WHERE PrincipleID=?</module-option>
       </login-module>
       </authentication>
       </application-policy>