aspose file tools*
The moose likes JBoss/WildFly and the fly likes JBOSS FORM based auth and 403 Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » JBoss/WildFly
Bookmark "JBOSS FORM based auth and 403" Watch "JBOSS FORM based auth and 403" New topic
Author

JBOSS FORM based auth and 403

NikhilN Kumar
Greenhorn

Joined: Jun 30, 2003
Posts: 9
I am trying to implement form-based authentication in a JBOSS 3.2.3/ Embedded Tomcat/ Firebird database environment. I have tested that I can login into Firebird using isql for the user id/ password combination that I have. It seems to go past any jdbc connection errors (no stack/ failures). However, Tomcat chokes with a "HTTP Status 403 - Access to the requested resource has been denied" message.
My login-config.xml has the following entries:
<authentication>
<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag="required">
<module-option name="dsJndiName">java:/IAL-AUTH-DS</module-option>
<module-option name="principalsQuery">select pr_password from principals where principal_id=?</module-option>
<module-option name="rolesQuery">select user_role, role_group from roles where principal_id=?</module-option>
</login-module>
</authentication>
My firebird..-xa-ds.xml has

<connection-factories>
<tx-connection-factory>
<jndi-name>IAL-AUTH-DS</jndi-name>
<xa-transaction/>
<adapter-display-name>Firebird Database Connector</adapter-display-name>
<config-property name="Database" type="java.lang.String">localhost/3050:/home2/niprdev/db/niprdev_auth.GDB</config-property>
<user-name>test</user-name>
<password>test</password>
<!--additional properties. only use one way of setting tx isolation, please
<config-property name="TransactionIsolation"></config-property>
<config-property name="TransactionIsolationName">TRANSACTION_READ_COMMITTED</config-property>
<config-property name="BlobBufferLength"></config-property>
<config-property name="Encoding">UNICODE_FSS</config-property>
-->
<min-pool-size>0</min-pool-size>
<max-pool-size>50</max-pool-size>
</tx-connection-factory>
</connection-factories>
My web.xml has:
<security-constraint>
<web-resource-collection>
<web-resource-name>Restricted</web-resource-name>
<description>Declarative security</description>
<url-pattern>*.jsp</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>ial</role-name>
</auth-constraint>
<user-data-constraint>
<description>No descrp</description>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>ial</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/error.htm</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>ial</role-name>
</security-role>
My jboss-web.xml defines the application security domain JNDI namespace as:
<jboss-web>
<context-root>/ial/web-app</context-root>
<!-- Uncomment this element to add security for the application -->
<security-domain>java:/jaas/ial</security-domain>
</jboss-web>
I cant see why it does not connect completely. There is no JDBC error thrown.
Any suggestions? Help!
NikhilN Kumar
Greenhorn

Joined: Jun 30, 2003
Posts: 9
One more query. Why does it route me to an access denied rather than the login error page?
Regards,
Nikhil
Don Griffing
Ranch Hand

Joined: Nov 21, 2003
Posts: 33
When I was fighting a simular problem, it was recommended that I add

to my log4j.xml in order to get more details about what is going on.
BTW I noticed that your <security-domain> and <context-root> were out of order according to the DTD.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: JBOSS FORM based auth and 403