I'm trying to configure my J2EE web application to use the DatabaseServerLoginModule.
I'm following the instructions in the book: JBoss in Action, but I think I must be missing something, as the application continues to try to use the UsersRolesLoginModule instead.
I'm running JBoss AS 5.1.0.GA with JDK 1.6, and my web application contains HTML files as well as a Servlet.
First, I've created the security tables in a MySQL database, and have deployed a -ds.xml deployment descriptor for my database. Also, I've enabled the HTTPS connector (with a home-made certificate) so I can access the web application via https (on port 8443) - which is working.
I then added the following <application-policy> block element to the login-config.xml file in my server's conf directory:
Note that the policy name is database-domain
Next, I created a jboss-web.xml file in the web application's WEB-INF directory, which looks like this:
Finally, I have the following web.xml file in my web application's WEB-INF directory:
When I attempt to access the restricted page (/authroized/create_user.html) I am prompted for credentials, but when I enter them, the application server writes the following to the server.log file:
It seems the application is still configured to use the UsersRolesLoginModule, rather than the DatabaseServerLoginModule.
I must be missing a configuration someplace, but I can't tell where.
Can someone please point me in the right direction?
Other than that, I don't see anything obviously wrong.
Are the user and role queries going to the database? I'm wondering if a failure there is causing JBoss AS to revert to the user login module.
Also, try adding debug tracing to the login module and see if the server.log gives any more hints as to what is going on. To do this, add these lines to the server/xxx/conf/jboss-log4j.xml file:
0
