0 Replies Latest reply on Nov 3, 2005 4:25 AM by Micha? ?

    DatabaseServerLoginModule with PostgreSQL Datasource

    Micha? ? Newbie

      Hello everybody

      I'm struggling with following problem - given configurations:
      web.xml:

      web-app >
       <security-constraint>
       <web-resource-collection>
       <web-resource-name>Test realm</web-resource-name>
       <url-pattern>/*</url-pattern>
       </web-resource-collection>
       <auth-constraint>
       <role-name>Boss</role-name>
       </auth-constraint>
       </security-constraint>
       <login-conf>
       <auth-method>FORM</auth-method>
       <form-login-config>
       <form-login-page>/login.html</form-login-page>
       <form-error-page>/error.html</form-error-page>
       </form-login-config>
       <realm-name>MyRealm</realm-name>
       </login-conf>
      
       <security-role>
       <role-name>Boss</role-name>
       </security-role>
      
      </web-app>
      


      jboss-web.xml
      <jboss-web>
       <security-domain> java:/jaas/MyRealm</security-domain>
      </jboss-web>
      


      login-config.xml
      ...
       <application-policy name = "MyRealm">
       <authentication>
       <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
       flag = "required">
       <module-option name = "unauthenticatedIdentity">guest</module-option>
       <module-option name = "dsJndiName">java:/RealmDS</module-option>
       <module-option name = "principalsQuery">SELECT user_pass FROM users WHERE user_name=?</module-option>
       <module-option name = "rolesQuery">SELECT role_name , 'Roles' FROM user_roles WHERE user_name=?</module-option>
       </login-module>
       </authentication>
       </application-policy>
      ...
      


      ...
      <local-tx-datasource>
       <jndi-name>RealmDS</jndi-name>
       <connection-url>jdbc:postgresql://localhost:5432/TomcatRealm</connection-url>
       <driver-class>org.postgresql.Driver</driver-class>
       <server-name>localhost</server-name>
       <database-name>TomcatRealm</database-name>
       <port-number>5432</port-number>
       <default-autocommit>true</default-autocommit>
       <user-name>tomcat_realm</user-name>
       <password>tomcat_realm</password>
       <security-domain>MyRealm</security-domain>
       <metadata>
       <type-mapping>PostgreSQL</type-mapping>
       </metadata>
       </local-tx-datasource>
      ...
      


      Have following db schema:

      CREATE TABLE users
      (
       user_name text NOT NULL,
       user_pass text NOT NULL,
       user_id text
      )
      
      CREATE TABLE user_roles
      (
       user_name text NOT NULL,
       role_name text NOT NULL,
       user_id text
      )


      I'm using JBoss-4.0.3 and Postgres8.0. When trying to access secured page
      http://localhost:8080/TestAuth/ (where TestAuth is my war context) i got:
      HTTP Status 403 - Configuration error: Cannot perform access control without an authenticated principal
      
      type Status report
      
      message Configuration error: Cannot perform access control without an authenticated principal
      
      description Access to the specified resource (Configuration error: Cannot perform access control without an authenticated principal) has been forbidden.

      instead of login html content. What might be the problem? Is my dbschema correct and query ok? I based it on http://www.thepaxson5.org/Members/Aaron/JBoss/jboss-jaas-intro