0 Replies Latest reply on Nov 3, 2005 4:25 AM by blacky

    DatabaseServerLoginModule with PostgreSQL Datasource

    blacky

      Hello everybody

      I'm struggling with the following problem - given configurations:
      web.xml:

      <web-app>
        <security-constraint>
          <web-resource-collection>
            <web-resource-name>Test realm</web-resource-name>
            <url-pattern>/*</url-pattern>
          </web-resource-collection>
          <auth-constraint>
            <role-name>Boss</role-name>
          </auth-constraint>
        </security-constraint>
        <login-conf>
          <auth-method>FORM</auth-method>
          <form-login-config>
            <form-login-page>/login.html</form-login-page>
            <form-error-page>/error.html</form-error-page>
          </form-login-config>
          <realm-name>MyRealm</realm-name>
        </login-conf>

        <security-role>
          <role-name>Boss</role-name>
        </security-role>

      </web-app>
      


      jboss-web.xml
      <jboss-web>
       <security-domain> java:/jaas/MyRealm</security-domain>
      </jboss-web>
      


      login-config.xml
      ...
      <application-policy name = "MyRealm">
        <authentication>
          <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
                        flag = "required">
            <module-option name = "unauthenticatedIdentity">guest</module-option>
            <module-option name = "dsJndiName">java:/RealmDS</module-option>
            <module-option name = "principalsQuery">SELECT user_pass FROM users WHERE user_name=?</module-option>
            <module-option name = "rolesQuery">SELECT role_name , 'Roles' FROM user_roles WHERE user_name=?</module-option>
          </login-module>
        </authentication>
      </application-policy>
      ...
      


      ...
      <local-tx-datasource>
        <jndi-name>RealmDS</jndi-name>
        <connection-url>jdbc:postgresql://localhost:5432/TomcatRealm</connection-url>
        <driver-class>org.postgresql.Driver</driver-class>
        <server-name>localhost</server-name>
        <database-name>TomcatRealm</database-name>
        <port-number>5432</port-number>
        <default-autocommit>true</default-autocommit>
        <user-name>tomcat_realm</user-name>
        <password>tomcat_realm</password>
        <security-domain>MyRealm</security-domain>
        <metadata>
          <type-mapping>PostgreSQL</type-mapping>
        </metadata>
      </local-tx-datasource>
      ...
      


      I have the following db schema:

      CREATE TABLE users
      (
        user_name text NOT NULL,
        user_pass text NOT NULL,
        user_id text
      );

      CREATE TABLE user_roles
      (
        user_name text NOT NULL,
        role_name text NOT NULL,
        user_id text
      );


      I'm using JBoss-4.0.3 and Postgres 8.0. When trying to access the secured page
      http://localhost:8080/TestAuth/ (where TestAuth is my war context) I got:
      HTTP Status 403 - Configuration error: Cannot perform access control without an authenticated principal
      
      type Status report
      
      message Configuration error: Cannot perform access control without an authenticated principal
      
      description Access to the specified resource (Configuration error: Cannot perform access control without an authenticated principal) has been forbidden.

      instead of the login html content. What might be the problem? Is my db schema correct and the query ok? I based it on http://www.thepaxson5.org/Members/Aaron/JBoss/jboss-jaas-intro
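
An added example, not part of the original post and not JBoss code: a Python check that compares the direct children of `<web-app>` with the element names of the Servlet 2.4 deployment descriptor (assumed here to be the version this JBoss release serves) and verifies that an `auth-constraint` is paired with a `<login-config>`. The names `check_web_xml`, `WEB_APP_CHILDREN` and `POSTED` are made up for this example, and the sample input is the posted web.xml, condensed.

```python
import xml.etree.ElementTree as ET

# Children of <web-app> in the Servlet 2.4 descriptor (assumed version).
WEB_APP_CHILDREN = set("""description display-name icon distributable
context-param filter filter-mapping listener servlet servlet-mapping
session-config mime-mapping welcome-file-list error-page jsp-config
security-constraint login-config security-role env-entry ejb-ref
ejb-local-ref service-ref resource-ref resource-env-ref
message-destination-ref message-destination
locale-encoding-mapping-list""".split())

def local(tag):
    """Drop a namespace prefix such as {http://java.sun.com/xml/ns/j2ee}."""
    return tag.rsplit("}", 1)[-1]

def check_web_xml(text):
    """Return findings for one web.xml; an empty list means none found."""
    root = ET.fromstring(text)
    # Direct children whose names the descriptor does not define.
    findings = [f"unknown element <{local(c.tag)}>"
                for c in root if local(c.tag) not in WEB_APP_CHILDREN]
    has_auth = any(local(e.tag) == "auth-constraint" for e in root.iter())
    login = next((c for c in root if local(c.tag) == "login-config"), None)
    if has_auth and login is None:
        findings.append("auth-constraint without <login-config>")
    if login is not None:
        values = {local(e.tag): (e.text or "").strip() for e in login.iter()}
        if values.get("auth-method") == "FORM":
            for page in ("form-login-page", "form-error-page"):
                if not values.get(page):
                    findings.append(f"FORM login without <{page}>")
    return findings

# Constructed sample: the web.xml from the post, condensed onto fewer lines.
POSTED = """<web-app>
 <security-constraint>
  <web-resource-collection><web-resource-name>Test realm</web-resource-name>
   <url-pattern>/*</url-pattern></web-resource-collection>
  <auth-constraint><role-name>Boss</role-name></auth-constraint>
 </security-constraint>
 <login-conf>
  <auth-method>FORM</auth-method>
  <form-login-config><form-login-page>/login.html</form-login-page>
   <form-error-page>/error.html</form-error-page></form-login-config>
  <realm-name>MyRealm</realm-name>
 </login-conf>
 <security-role><role-name>Boss</role-name></security-role>
</web-app>"""

print(check_web_xml(POSTED))
```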