I have posted the code of the DatabaseServerLogin Module.....Your method should be called from within getUsersPassword()...Check the super class code
DatabaseServerLoginModule.java /* | | * JBoss, the OpenSource WebOS | | * | | * Distributable under LGPL license. | | * See terms of license at gnu.org. | | */ | | package org.jboss.security.auth.spi; | | | | import java.security.acl.Group; | | import java.util.HashMap; | | import java.util.Map; | | import java.sql.Connection; | | import java.sql.PreparedStatement; | | import java.sql.ResultSet; | | import java.sql.SQLException; | | import javax.naming.InitialContext; | | import javax.naming.NamingException; | | import javax.sql.DataSource; | | import javax.security.auth.Subject; | | import javax.security.auth.callback.CallbackHandler; | | import javax.security.auth.login.LoginException; | | import javax.security.auth.login.FailedLoginException; | | | | import org.jboss.security.SimpleGroup; | | import org.jboss.security.SimplePrincipal; | | import org.jboss.security.auth.spi.UsernamePasswordLoginModul | | | | /** | | * A JDBC based login module that supports authentication and | | * It is based on two logical tables: | | * <ul> | | * <li>Principals(PrincipalID text, Password text) | | * <li>Roles(PrincipalID text, Role text, RoleGroup text) | | * </ul> | | * <p> | | * LoginModule options: | | * <ul> | | * <li><em>dsJndiName</em>: The name of the DataSource of the | | * <li><em>principalsQuery</em>: The prepared statement query | | * <pre> | | * "select Password from Principals where PrincipalID=?" | | * </pre> | | * <li><em>rolesQuery</em>: The prepared statement query, equ | | * <pre> | | * "select Role, RoleGroup from Roles where PrincipalID=?" | | * </pre> | | * </ul> | | * | | * @author <a href="mailto:[EMAIL PROTECTED]">Oleg Nitz</a> | | * @author [EMAIL PROTECTED] | | * @version $Revision: 1.6 $ | | */ | | public class DatabaseServerLoginModule extends UsernamePasswo | | { | | private String dsJndiName; | | private String principalsQuery = "select Password from Pri | | private String rolesQuery = "select Role, RoleGroup from R | | | | /** | | * Initialize this LoginModule. | | */ | | public void initialize(Subject subject, CallbackHandler ca | | { | | super.initialize(subject, callbackHandler, sharedState, | | dsJndiName = (String) options.get("dsJndiName"); | | if( dsJndiName == null ) | | dsJndiName = "java:/DefaultDS"; | | Object tmp = options.get("principalsQuery"); | | if( tmp != null ) | | principalsQuery = tmp.toString(); | | tmp = options.get("rolesQuery"); | | if( tmp != null ) | | rolesQuery = tmp.toString(); | | log.trace("DatabaseServerLoginModule, dsJndiName="+dsJn | | log.trace("principalsQuery="+principalsQuery); | | log.trace("rolesQuery="+rolesQuery); | | } | | | | /** Get the expected password for the current username ava | | * the getUsername() method. This is called from within th | | * method after the CallbackHandler has returned the usern | | * candidate password. | | * @return the valid password String | | */ | | protected String getUsersPassword() throws LoginException | | { | | String username = getUsername(); | | String password = null; | | Connection conn = null; | | PreparedStatement ps = null; | | | | try | | { | | InitialContext ctx = new InitialContext(); | | DataSource ds = (DataSource) ctx.lookup(dsJndiName); | | conn = ds.getConnection(); | | // Get the password | | ps = conn.prepareStatement(principalsQuery); | | ps.setString(1, username); | | ResultSet rs = ps.executeQuery(); | | if( rs.next() == false ) | | throw new FailedLoginException("No matching user | | | | password = rs.getString(1); | | password = convertRawPassword(password); | | rs.close(); | | } | | catch(NamingException ex) | | { | | throw new LoginException(ex.toString(true)); | | } | | catch(SQLException ex) | | { | | log.error("Query failed", ex); | | throw new LoginException(ex.toString()); | | } | | finally | | { | | if( ps != null ) | | { | | try | | { | | ps.close(); | | } | | catch(SQLException e) | | {} | | } | | if( conn != null ) | | { | | try | | { | | conn.close(); | | } | | catch (SQLException ex) | | {} | | } | | } | | return password; | | } | | | | /** Overriden by subclasses to return the Groups that cor | | to the role sets assigned to the user. Subclasses should | | least a Group named "Roles" that contains the roles assi | | A second common group is "CallerPrincipal" that provides | | identity of the user rather than the security domain ide | | @return Group[] containing the sets of roles | | */ | | protected Group[] getRoleSets() throws LoginException | | { | | String username = getUsername(); | | Connection conn = null; | | HashMap setsMap = new HashMap(); | | PreparedStatement ps = null; | | | | try | | { | | InitialContext ctx = new InitialContext(); | | DataSource ds = (DataSource) ctx.lookup(dsJndiName) | | conn = ds.getConnection(); | | // Get the users role names | | ps = conn.prepareStatement(rolesQuery); | | ps.setString(1, username); | | ResultSet rs = ps.executeQuery(); | | if( rs.next() == false ) | | { | | if( getUnauthenticatedIdentity() == null ) | | throw new FailedLoginException("No matching u | | /* We are running with an unauthenticatedIdentit | | empty Roles set and return. | | */ | | Group[] roleSets = { new SimpleGroup("Roles") }; | | return roleSets; | | } | | | | do | | { | | String name = rs.getString(1); | | String groupName = rs.getString(2); | | if( groupName == null || groupName.length() == | | groupName = "Roles"; | | Group group = (Group) setsMap.get(groupName); | | if( group == null ) | | { | | group = new SimpleGroup(groupName); | | setsMap.put(groupName, group); | | } | | group.addMember(new SimplePrincipal(name)); | | } while( rs.next() ); | | rs.close(); | | } | | catch(NamingException ex) | | { | | throw new LoginException(ex.toString(true)); | | } | | catch(SQLException ex) | | { | | super.log.error("SQL failure", ex); | | throw new LoginException(ex.toString()); | | } | | finally | | { | | if( ps != null ) | | { | | try | | { | | ps.close(); | | } | | catch(SQLException e) | | {} | | } | | if( conn != null ) | | { | | try | | { | | conn.close(); | | } | | catch (Exception ex) | | {} | | } | | } | | | | Group[] roleSets = new Group[setsMap.size()]; | | setsMap.values().toArray(roleSets); | | return roleSets; | | } | | | | /** A hook to allow subclasses to convert a password from | | into a plain text string or whatever form is used for ma | | the user input. It is called from within the getUsersPas | | @param rawPassword, the password as obtained from the da | | @return the argument rawPassword | | */ | | protected String convertRawPassword(String rawPassword) | | { | | return rawPassword; | | } | | } View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4128857#4128857 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4128857 _______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user