5 Replies Latest reply on May 29, 2006 10:10 AM by Edward Valera

    How i can get the j_password and save it in  a session

    Edward Valera Newbie

      Hi, please help me...
      i have a web aplication where i wanna save the j_password in a session
      i am using struts, postgresql BD and Form-Based Authentication. if you can send me a complete example send me at edwardval@yahoo.com or just post the help.


      thanks in advance....

        • 3. Re: How i can get the j_password and save it in  a session
          Edward Valera Newbie

          i did these two case (extendedformauthenticator and formauthvalve) and its not function for me... i need to make another think? i am using JBoss 4.0.3.

          I made the context-xml file under WEB-INF, my web.xml is:




          <servlet-name>action</servlet-name>
          <servlet-class>org.apache.struts.action.ActionServlet</servlet-class>
          <init-param>
          <param-name>config</param-name>
          <param-value>/WEB-INF/struts-config.xml</param-value>
          </init-param>
          <init-param>
          <param-name>debug</param-name>
          <param-value>2</param-value>
          </init-param>
          <init-param>
          <param-name>detail</param-name>
          <param-value>2</param-value>
          </init-param>
          <load-on-startup>2</load-on-startup>

          <servlet-mapping>
          <servlet-name>action</servlet-name>
          <url-pattern>*.do</url-pattern>
          </servlet-mapping>
          <session-config><session-timeout>
          30
          </session-timeout></session-config><welcome-file-list><welcome-file>/pages/index.jsp
          </welcome-file></welcome-file-list>
          <jsp-config>

          <taglib-uri>/WEB-INF/struts-bean.tld</taglib-uri>
          <taglib-location>/WEB-INF/struts-bean.tld</taglib-location>


          <taglib-uri>/WEB-INF/struts-html.tld</taglib-uri>
          <taglib-location>/WEB-INF/struts-html.tld</taglib-location>


          <taglib-uri>/WEB-INF/struts-logic.tld</taglib-uri>
          <taglib-location>/WEB-INF/struts-logic.tld</taglib-location>


          <taglib-uri>/WEB-INF/struts-nested.tld</taglib-uri>
          <taglib-location>/WEB-INF/struts-nested.tld</taglib-location>


          <taglib-uri>/WEB-INF/struts-tiles.tld</taglib-uri>
          <taglib-location>/WEB-INF/struts-tiles.tld</taglib-location>

          </jsp-config>

          <!-- Uncomment this section for Container-managed security -->
          <security-constraint>
          <web-resource-collection>
          <web-resource-name>AdminPages</web-resource-name>
          Administrator-only pages
          <url-pattern>/*</url-pattern>
          <!--<http-method>HEAD</http-method>
          <http-method>GET</http-method>
          <http-method>POST</http-method>
          <http-method>PUT</http-method>
          <http-method>DELETE</http-method>-->
          </web-resource-collection>
          <auth-constraint>
          <role-name>*</role-name>
          </auth-constraint>
          <user-data-constraint>
          <transport-guarantee>
          NONE
          </transport-guarantee>
          </user-data-constraint>
          </security-constraint>

          <login-config>
          <auth-method>FORM</auth-method>
          <realm-name>MiniHRRealm</realm-name>
          <form-login-config>
          <form-login-page>/login.jsp</form-login-page>
          <form-error-page>/logoff.do</form-error-page>
          </form-login-config>
          </login-config>

          <security-role>
          HR Administrator
          <role-name>*</role-name>
          </security-role>
          <resource-ref>
          <res-ref-name>jdbc/JBossAtWorkDS</res-ref-name>
          <res-type>javax.sql.DataSource</res-type>
          <res-auth>Container</res-auth>
          </resource-ref>


          </web-app>

          my strut-config.xml is:

          <struts-config>
          <data-sources>
          <data-source key="businessintelligentDS" type="org.apache.tomcat.dbcp.dbcp.BasicDataSource">
          <!-- <data-source type="org.postgresql.jdbc2.optional.SimpleDataSource">-->
          <set-property
          property="driverClassName"
          value="org.postgresql.Driver" />
          <set-property
          property="url"
          value="jdbc:postgresql://localhost:5432/businessintelligent" />
          <set-property
          property="username"
          value="postgres" />
          <set-property
          property="password"
          value="4611301" />
          <set-property
          property="maxActive"
          value="10" />
          <set-property
          property="maxWait"
          value="5000" />
          <set-property
          property="defaultAutoCommit"
          value="false" />
          <set-property
          property="defaultReadOnly"
          value="false" />
          <set-property
          property="validationQuery"
          value="SELECT COUNT(*) FROM usuario" />
          </data-source>
          </data-sources>
          <!-- Form Beans Configuration -->
          <form-beans>
          <form-bean name="searchForm"
          type="com.jamesholmes.minihr.SearchForm"/>
          <form-bean name="addForm"
          type="com.jamesholmes.minihr.AddForm"/>
          <form-bean name="logonForm" type="org.apache.struts.action.DynaActionForm">
          <form-property name="j_username" type="java.lang.String"/>
          <form-property name="j_password" type="java.lang.String"/>
          </form-bean>
          </form-beans>

          <!-- Global Forwards Configuration -->
          <global-forwards>



          </global-forwards>

          <!-- Action Mappings Configuration -->
          <action-mappings>
          <!-- Use this action mappings element instead for SSLEXT -->
          <!--
          <action-mappings type="org.apache.struts.config.SecureActionConfig">
          -->








          <!-- Optionally you can add the "roles=administrator" attribute -->




          </action-mappings>

          <!-- Uncomment to use the MiniHR request processor for custom role processing -->
          <!-- -->
          <!-- -->
          <!-- Uncomment to use the SSLEXT Secure Request Processor

          -->
          <!-- Message Resources Configuration -->
          <message-resources
          parameter="com.jamesholmes.minihr.ApplicationResources"/>

          </struts-config>

          my logon.jsp is:

          html>
          head>
          meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
          title>@BusinessIntelligent... Powered by CVS
          body leftmargin="0" topmargin="0">
          table width="100%" border="0" cellspacing="0" cellpadding="0">
          tr>
          td background="lineaArriba.gif">
          /tr>
          tr>
          td>table width="100%" border="0" cellspacing="0" cellpadding="0">
          tr>
          td width="82%" height="23">/td>
          /tr>

          /table>/td>
          /tr>
          tr>
          td background="lineaAbajo.gif"> /td>
          /tr>
          /table>
          br/>br/>br/>
          form action="j_security_check" method="POST">
          table width="280" border="1" align="center">
          tr>
          td colspan="2" bgcolor="#999999">Ingrese Sus Datos
          /tr>
          tr>
          td width="118" style="font-size:12px;font-weight: bold">Nombre de Usuario /td>
          td width="152">
          input type="text" name="j_username"/>
          /td>
          /tr>
          tr>
          td style="font-size:12px;font-weight: bold">Clave de Usuario /td>
          td>
          input type="password" name="j_password"/>
          /td>
          /tr>
          tr>
          td colspan="2">
          input type="submit" value="Aceptar"/>
          /div>
          /tr>
          /table>
          /form>

          /body>
          /html>

          and my index.jsp is:

          <html:html locale="true">

          <bean:message key="tituloPaginas"/>

          <html:base/>


          <bean:message key="infoCarga"/>
          <%

          Enumeration names = request.getAttributeNames();
          while( names.hasMoreElements() )
          {
          String name = (String) names.nextElement();
          Object value = request.getAttribute(name);
          System.out.println("Name:"+name+" = "+value+"");
          }

          names = request.getSession ().getAttributeNames ();
          while( names.hasMoreElements() )
          {
          String name = (String) names.nextElement();
          Object value = session.getAttribute(name);
          System.out.println("Name:"+name+" = "+value+"");
          }


          %>
          <logic:notPresent name="user" scope="session">

          </logic:notPresent>
          <logic:present name="usuario" scope="session">
          </logic:present>

          </html:html>


          when i do the second case (formauthvalve) , i put a message in the code (System.out.println("i am here")) and its dont print on the console.


          plssss help me

          thanks in advance

          • 4. Re: How i can get the j_password and save it in  a session
            chris griffith Expert

            Please re-submit and use the code tags provided on this forum around your file contents. Also, I do not think you can create a security-role in your web.xml with the name of '*'.

            cgriffith

            • 5. Re: How i can get the j_password and save it in  a session
              Edward Valera Newbie

              now it function for me; it function with http://wiki.jboss.org/wiki/Wiki.jsp?page=CustomizingSecurityUsingValves. just i had to change my version of Jboss from 4.0.3 to 4.0.4

              And the security Role function with '*'; with that, all role in your application can acces at resources.

              Thanks to all. Now i wanna a help beacause i need to make logoff

              Bye...