Simple Web Form authentication using JAAS with DatabaseServe
mpurdy1973 Jun 22, 2009 12:02 AMi implemented JAAS the best i know how; however, when i enter the correct username and password with the correct role, it forwards me to the bad login page??? i also get no exceptions in the jboss console.
i am using the username: 'tom' and the password 'tomuser'. as you can see below, tom has a password of 'tomuser' and is in the role of 'admin'
what am i missing???
here is my configuration:
mysql sql code
use pyxiswebadmin; drop table users; drop table roles; create table users ( username varchar(64) not null primary key, password varchar(64) not null ); create table roles ( username varchar(64), role varchar(64) ); insert into users values ('tom', 'tomuser'); insert into users values ('dick', 'dickuser'); insert into users values ('harry', 'harryuser'); insert into roles value ('tom', 'admin'); insert into roles value ('dick', 'audit'); insert into roles value ('harry', 'user'); commit;
mysql database data
mysql> show tables; +-------------------------+ | Tables_in_pyxiswebadmin | +-------------------------+ | roles | | users | +-------------------------+ 2 rows in set (0.00 sec) mysql> select * from users; +----------+-----------+ | username | password | +----------+-----------+ | tom | tomuser | | dick | dickuser | | harry | harryuser | +----------+-----------+ 3 rows in set (0.00 sec) mysql> select * from roles; +----------+-------+ | username | role | +----------+-------+ | tom | admin | | dick | audit | | harry | user | +----------+-------+ 3 rows in set (0.00 sec)
login-config
<!-- ####################################### --> <!-- added for Pyxis Server security --> <!-- ####################################### --> <application-policy name="pyxis-client-login"> <authentication> <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required"> <module-option name="dsJndiName">java:/pyxisDS</module-option> <module-option name="principalsQuery">select password from users where username=?</module-option> <module-option name="roleQuery">select role, 'Role' from roles where username=?</module-option> </login-module> </authentication> </application-policy> <!-- ####################################### -->
datasource
<?xml version="1.0" encoding="UTF-8"?> <datasources> <local-tx-datasource> <jndi-name>pyxisDS</jndi-name> <connection-url>jdbc:mysql://localhost:3306/pyxiswebadmin</connection-url> <driver-class>org.gjt.mm.mysql.Driver</driver-class> <user-name>pyxis</user-name> <password>pyxisuser</password> </local-tx-datasource> </datasources>
jboss-web.xml
<jboss-web> <security-domain>java:/jaas/pyxis-client-login</security-domain> </jboss-web>
web.xml
<?xml version="1.0" encoding="UTF-8"?> <web-app version="2.5" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"> <welcome-file-list> <welcome-file>index.jsp</welcome-file> </welcome-file-list> <security-constraint> <web-resource-collection> <web-resource-name>HtmlAdaptor</web-resource-name> <url-pattern>/*</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <auth-constraint> <role-name>admin</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>NONE</transport-guarantee> </user-data-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <form-login-config> <form-login-page>/restricted/login.jsp</form-login-page> <form-error-page>/restricted/bad-login.jsp</form-error-page> </form-login-config> </login-config> <security-role> <role-name>admin</role-name> </security-role> </web-app>