0 Replies Latest reply on Apr 19, 2006 10:23 AM by vinodramu

    Not able to configure roles

    vinodramu

      Hi,

      Let me explain the problem before I publish my code. I have configured the web.xml file with the security constraints, I have configured the database structure in the way the JBoss JAAS requires, and I have configured the login-config.xml file. I have problems logging in with a user having specific roles. In my web.xml file, if I have a specific role as shown in the code below, then the user will not be able to log in. He gets the "resource not available" error message.

      <auth-constraint>
      <role-name>admin</role-name>
      </auth-constraint>

      If I remove the role constraint by setting <role-name>*</role-name> in the web.xml file, then the user is able to get the web page.

      I have been trying to resolve this for the past 2 weeks. Could any one of you please help me with this issue?

      Here is the respective code:

      1. Web.xml

      <security-constraint>
      <web-resource-collection>
      <web-resource-name>Secure Content</web-resource-name>
      <url-pattern>/jsf/*</url-pattern>
      </web-resource-collection>
      <auth-constraint>
      <role-name>admin</role-name>
      </auth-constraint>
      </security-constraint>

      <login-config>
      <auth-method>FORM</auth-method>
      <form-login-config>
      <form-login-page>/logon.faces</form-login-page>
      <form-error-page>/error.faces</form-error-page>
      </form-login-config>
      </login-config>

      <security-role>
      <description>The role required to access restricted content</description>
      <role-name>admin</role-name>
      </security-role>

      2. login-config.xml

      <application-policy name="sam">
      <authentication>
      <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
      <module-option name="dsJndiName">java:ds/sam</module-option>
      <module-option name="principalsQuery">select password from users where username=?</module-option>
      <module-option name="rolesQuery">select Role, RoleGroup from Roles where username=?</module-option>
      </login-module>
      </authentication>
      </application-policy>

      3. Database tables.

      CREATE TABLE users (
      username varchar(64) default NULL,
      password varchar(64) default NULL
      ) ;

      INSERT INTO users (username, password) VALUES ('admin','admin');

      CREATE TABLE Roles (
      username varchar(64) NOT NULL,
      Role varchar(32) NOT NULL,
      RoleGroup varchar(32) NOT NULL
      );

      INSERT INTO Roles (username, Role, RoleGroup) VALUES ('admin','admin', 'admin');

      4. JBoss version is jboss-4.0.3SP1, Database is PostgreSQL 8.1

      Please let me know if there are any details that I have missed out.

      Thank you,
      VinodRamu
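
Added example, not part of the original post and not JBoss code: a Python model of how rows returned by the rolesQuery above are bucketed by their RoleGroup column, using the post's schema and data loaded into SQLite. It assumes the documented JBoss login-module convention that the group named "Roles" holds the roles used for authorization checks; the function names and the extra comparison row are constructed for illustration.

```python
import sqlite3

# Schema, sample rows and rolesQuery copied from the post (SQLite stands in
# for PostgreSQL so the example runs offline).
SCHEMA = """
CREATE TABLE users (username varchar(64), password varchar(64));
INSERT INTO users (username, password) VALUES ('admin','admin');
CREATE TABLE Roles (username varchar(64) NOT NULL, Role varchar(32) NOT NULL,
                    RoleGroup varchar(32) NOT NULL);
INSERT INTO Roles (username, Role, RoleGroup) VALUES ('admin','admin','admin');
"""
ROLES_QUERY = "select Role, RoleGroup from Roles where username=?"

# Assumption (JBoss convention): "Roles" holds the roles used for
# authorization checks, "CallerPrincipal" holds the caller identity.
AUTHZ_GROUP = "Roles"
KNOWN_GROUPS = {AUTHZ_GROUP, "CallerPrincipal"}


def role_sets(conn, username):
    """Run rolesQuery and bucket each Role under its RoleGroup value."""
    groups = {}
    for role, group in conn.execute(ROLES_QUERY, (username,)):
        groups.setdefault(group, set()).add(role)
    return groups


def satisfies_constraint(conn, username, required_role):
    """Model of the auth-constraint check: only the "Roles" group counts."""
    return required_role in role_sets(conn, username).get(AUTHZ_GROUP, set())


def unexpected_groups(conn):
    """Return (username, Role, RoleGroup) rows whose group is not a known one."""
    rows = conn.execute("select username, Role, RoleGroup from Roles")
    return [r for r in rows if r[2] not in KNOWN_GROUPS]


def demo():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    before = satisfies_constraint(conn, "admin", "admin")
    flagged = unexpected_groups(conn)
    # Constructed comparison row: same role, stored under the "Roles" group.
    conn.execute("INSERT INTO Roles VALUES ('admin','admin','Roles')")
    after = satisfies_constraint(conn, "admin", "admin")
    return before, flagged, after


if __name__ == "__main__":
    print(demo())
```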