This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
I'm trying to configure my J2EE web application to use the DatabaseServerLoginModule.
I'm following the instructions in the book: JBoss in Action, but I think I must be missing something, as the application continues to try to use the UsersRolesLoginModule instead.
I'm running JBoss AS 5.1.0.GA with JDK 1.6, and my web application contains HTML files as well as a Servlet.
First, I've created the security tables in a MySQL database, and have deployed a -ds.xml deployment descriptor for my database. Also, I've enabled the HTTPS connector (with a home-made certificate) so I can access the web application via https (on port 8443) - which is working.
I then added the following <application-policy> block element to the login-config.xml file in my server's conf directory:
Note that the policy name is database-domain
Next, I created a jboss-web.xml file in the web application's WEB-INF directory, which looks like this:
Finally, I have the following web.xml file in my web application's WEB-INF directory:
When I attempt to access the restricted page (/authroized/create_user.html) I am prompted for credentials, but when I enter them, the application server writes the following to the server.log file:
It seems the application is still configured to use the UsersRolesLoginModule, rather than the DatabaseServerLoginModule.
I must be missing a configuration someplace, but I can't tell where.
Can someone please point me in the right direction?