This week's book giveaway is in the OCMJEA forum.
We're giving away four copies of OCM Java EE 6 Enterprise Architect Exam Guide and have Paul Allen & Joseph Bambara on-line!
See this thread for details.
The moose likes JBoss/WildFly and the fly likes Problems with DatabaseServerLoginModule Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of OCM Java EE 6 Enterprise Architect Exam Guide this week in the OCMJEA forum!
JavaRanch » Java Forums » Products » JBoss/WildFly
Bookmark "Problems with DatabaseServerLoginModule" Watch "Problems with DatabaseServerLoginModule" New topic
Author

Problems with DatabaseServerLoginModule

Don Griffing
Ranch Hand

Joined: Nov 21, 2003
Posts: 33
I am trying to use the DatabaseServerLoginModule in my application. I am running JBoss 3.0.6 with Tomcat 4.1.18. After search multiple forums, documentation, etc., the best that I have been able to do is get redirected to the <form-error-page> page. I am using XDoclet 1.2-beta2 to generate source code and XML descriptors. Below are portions of the important XML descriptors and the SQL scripts that I use to create the tables in MySQL.
ejb-jar.xml:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE ejb-jar PUBLIC "-//Sun Microsystems, Inc.//DTD Enterprise JavaBeans 2.0//EN" "http://java.sun.com/dtd/ejb-jar_2_0.dtd">
<ejb-jar >
<description><![CDATA[No Description.]]></description>
<display-name>Generated by XDoclet</display-name>
<enterprise-beans>
<!-- Session Beans -->
<session >
<description><![CDATA[This a session bean that will handle the vendor setup and maintenance.]]></description>
<ejb-name>Supplier</ejb-name>
<home>com.fdsolutions.vendor.interfaces.SupplierHome</home>
<remote>com.fdsolutions.vendor.interfaces.Supplier</remote>
<ejb-class>com.fdsolutions.vendor.session.SupplierBean</ejb-class>
<session-type>Stateful</session-type>
<transaction-type>Container</transaction-type>
</session>
<!--
To add session beans that you have deployment descriptor info for, add
a file to your XDoclet merge directory called session-beans.xml that contains
the <session></session> markup for those beans.
-->
<!-- Entity Beans -->
<entity >
<description><![CDATA[This an entity bean that will handle the persistence of vendors.]]></description>
<ejb-name>Vendor</ejb-name>
<local-home>com.fdsolutions.vendor.interfaces.VendorLocalHome</local-home>
<local>com.fdsolutions.vendor.interfaces.VendorLocal</local>
<ejb-class>com.fdsolutions.vendor.entity.VendorCMP</ejb-class>
<persistence-type>Container</persistence-type>
<prim-key-class>com.fdsolutions.vendor.interfaces.VendorPK</prim-key-class>
<reentrant>False</reentrant>
<cmp-version>2.x</cmp-version>
<abstract-schema-name>Vendor</abstract-schema-name>
<cmp-field >
<description><![CDATA[This gets the system generated id of the vendor.]]></description>
<field-name>id</field-name>
</cmp-field>
<cmp-field >
<description><![CDATA[This gets the user defined id for the vendor.]]></description>
<field-name>vendorId</field-name>
</cmp-field>
<cmp-field >
<description><![CDATA[This gets the name of the vendor.]]></description>
<field-name>name</field-name>
</cmp-field>
<cmp-field >
<description><![CDATA[This gets the date and time the vendor became inactive.]]></description>
<field-name>inactiveDate</field-name>
</cmp-field>
<cmp-field >
<description><![CDATA[This retrieves the last time the record was updated.]]></description>
<field-name>lastModifiedTimestamp</field-name>
</cmp-field>
<query>
<query-method>
<method-name>findAll</method-name>
<method-params>
</method-params>
</query-method>
<result-type-mapping>Local</result-type-mapping>
<ejb-ql><![CDATA[SELECT DISTINCT OBJECT(v) FROM Vendor v WHERE v.inactiveDate IS NULL]]></ejb-ql>
</query>
<!-- Write a file named ejb-finders-VendorBean.xml if you want to define extra finders. -->
</entity>
<!--
To add entity beans that you have deployment descriptor info for, add
a file to your XDoclet merge directory called entity-beans.xml that contains
the <entity></entity> markup for those beans.
-->
<!-- Message Driven Beans -->
<!--
To add message driven beans that you have deployment descriptor info for, add
a file to your XDoclet merge directory called message-driven-beans.xml that contains
the <message-driven></message-driven> markup for those beans.
-->
</enterprise-beans>
<!-- Relationships -->
<relationships >
</relationships>
<!-- Assembly Descriptor -->
<assembly-descriptor >
</assembly-descriptor>
</ejb-jar>
web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app >
<display-name>Application</display-name>
<description><![CDATA[First Degree Solutions, LLC. application.]]></description>
<distributable/>

<!-- $Id: web-security.xml,v 1.2 2003/05/01 21:29:52 dgriffing Exp $ -->
<security-constraint>
<display-name>Fleet Server Configuration Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>*.jsp</url-pattern>
<url-pattern>*.do</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>authenticatedUser</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>Fleet Server Configuration Form-Based Authentication Area</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/blank.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description>The role that is required to log in to the application</description>
<role-name>authenticatedUser</role-name>
</security-role>
</web-app>
jboss.xml:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE jboss PUBLIC "-//JBoss//DTD JBOSS 3.0//EN" "http://www.jboss.org/j2ee/dtd/jboss_3_0.dtd">
<jboss>
<security-domain>java:/jaas/fleet-security</security-domain>
<enterprise-beans>
<!--
To add beans that you have deployment descriptor info for, add
a file to your XDoclet merge directory called jboss-beans.xml that contains
the <session></session>, <entity></entity> and <message-driven></message-driven>
markup for those beans.
-->
<entity>
<ejb-name>Vendor</ejb-name>
<local-jndi-name>ejb/vendor/Vendor</local-jndi-name>
</entity>
<session>
<ejb-name>Supplier</ejb-name>
<jndi-name>ejb/vendor/Supplier</jndi-name>
</session>
</enterprise-beans>
<resource-managers>
</resource-managers>
</jboss>
jboss-web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE jboss-web PUBLIC "-//JBoss//DTD Web Application 2.3//EN" "http://www.jboss.org/j2ee/dtd/jboss-web_3_0.dtd">
<jboss-web>
<security-domain>java:/jaas/fleet-security</security-domain>
<!-- Resource references -->
<!-- EJB References -->
</jboss-web>

login-config.xml:
<?xml version='1.0'?>
<!DOCTYPE policy PUBLIC
"-//JBoss//DTD JBOSS Security Config 3.0//EN"
"http://www.jboss.org/j2ee/dtd/security_config.dtd">
<!-- The XML based JAAS login configuration read by the
org.jboss.security.auth.login.XMLLoginConfig mbean. Add
an application-policy element for each security domain.
The outline of the application-policy is:
<application-policy name="security-domain-name">
<authentication>
<login-module code="login.module1.class.name" flag="control_flag">
<module-option name = "option1-name">option1-value</module-option>
<module-option name = "option2-name">option2-value</module-option>
...
</login-module>
<login-module code="login.module2.class.name" flag="control_flag">
...
</login-module>
...
</authentication>
</application-policy>
$Revision: 1.1.2.4 $
-->
<policy>
<application-policy name="fleet-security">
<authentication>
<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="sufficient">
<module-option name="jsJndiName">java:/MySqlDS</module-option>
<module-option name="principalsQuery">select password from user where username = ?</module-option>
<module-option name="rolesQuery">select role, 'Roles' from user_role where username = ?</module-option>
<module-option name="password-stacking">useFirstPass</module-option>
<module-option name="hashAlgorithm">MD5</module-option>
</login-module>
</authentication>
</application-policy>
</policy>

user.sql:
create table if not exists user (
username varchar( 20 ) primary key,
password varchar( 40 ) not null,
inactive_date datetime null,
employee_id varchar( 32 ) null,
last_modified_timestamp timestamp not null,
index employee ( employee_id ) );

user_role.sql
create table if not exists user_role (
username varchar( 20 ) not null,
role varchar( 20 ) not null,
last_modified_timestamp timestamp not null,
primary key ( username, role ) );
Don Griffing
Ranch Hand

Joined: Nov 21, 2003
Posts: 33
I am continuing to fight with this issue. It is behaving as though the input from j_username and j_password are not being passed along for authentication.
norman richards
Author
Ranch Hand

Joined: Jul 21, 2003
Posts: 367
Does it work with BASIC authentication? If it were me, I'd want to make sure that it is definitely not a JAAS configuration issue. If it is really working, then debugging the form based auth should be easier. I've never done form based auth with JBoss, but I do know the JAAS subsystem fairly well. If it turns out to be a problem there, maybe I can help...
Don Griffing
Ranch Hand

Joined: Nov 21, 2003
Posts: 33
I set this issue aside for a while. I have upgraded to JBoss 3.2.3 and am encountering the same problem. I was able to verify that this works properly with BASIC authenication.
Don Griffing
Ranch Hand

Joined: Nov 21, 2003
Posts: 33
Check out FORM Authentication to see how this saga continues and was ultimately resolved.
 
wood burning stoves
 
subject: Problems with DatabaseServerLoginModule