i implemented JAAS the best i know how; however, when i enter the correct username and password with the correct role, it forwards me to the bad login page??? i also get no exceptions in the jboss console.
i am using the username: 'tom' and the password 'tomuser'. as you can see below, tom has a password of 'tomuser' and is in the role of 'admin' what am i missing??? here is my configuration: mysql sql code | use pyxiswebadmin; | drop table users; | drop table roles; | | create table users | ( | username varchar(64) not null primary key, | password varchar(64) not null | | ); | | create table roles | ( | username varchar(64), | role varchar(64) | | ); | | insert into users values ('tom', 'tomuser'); | insert into users values ('dick', 'dickuser'); | insert into users values ('harry', 'harryuser'); | | insert into roles value ('tom', 'admin'); | insert into roles value ('dick', 'audit'); | insert into roles value ('harry', 'user'); | | commit; | mysql database data | mysql> show tables; | +-------------------------+ | | Tables_in_pyxiswebadmin | | +-------------------------+ | | roles | | | users | | +-------------------------+ | 2 rows in set (0.00 sec) | | mysql> select * from users; | +----------+-----------+ | | username | password | | +----------+-----------+ | | tom | tomuser | | | dick | dickuser | | | harry | harryuser | | +----------+-----------+ | 3 rows in set (0.00 sec) | | mysql> select * from roles; | +----------+-------+ | | username | role | | +----------+-------+ | | tom | admin | | | dick | audit | | | harry | user | | +----------+-------+ | 3 rows in set (0.00 sec) | login-config | <!-- ####################################### --> | <!-- added for Pyxis Server security --> | <!-- ####################################### --> | <application-policy name="pyxis-client-login"> | <authentication> | <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required"> | <module-option name="dsJndiName">java:/pyxisDS</module-option> | <module-option name="principalsQuery">select password from users where username=?</module-option> | <module-option name="roleQuery">select role, 'Role' from roles where username=?</module-option> | </login-module> | </authentication> | </application-policy> | | <!-- ####################################### --> | datasource | <?xml version="1.0" encoding="UTF-8"?> | | <datasources> | <local-tx-datasource> | <jndi-name>pyxisDS</jndi-name> | <connection-url>jdbc:mysql://localhost:3306/pyxiswebadmin</connection-url> | <driver-class>org.gjt.mm.mysql.Driver</driver-class> | <user-name>pyxis</user-name> | <password>pyxisuser</password> | </local-tx-datasource> | | </datasources> | jboss-web.xml | <jboss-web> | <security-domain>java:/jaas/pyxis-client-login</security-domain> | </jboss-web> | web.xml | <?xml version="1.0" encoding="UTF-8"?> | <web-app version="2.5" | xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | xmlns="http://java.sun.com/xml/ns/javaee" | xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" | xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"> | | <welcome-file-list> | <welcome-file>index.jsp</welcome-file> | </welcome-file-list> | | <security-constraint> | <web-resource-collection> | <web-resource-name>HtmlAdaptor</web-resource-name> | <url-pattern>/*</url-pattern> | <http-method>GET</http-method> | <http-method>POST</http-method> | </web-resource-collection> | <auth-constraint> | <role-name>admin</role-name> | </auth-constraint> | <user-data-constraint> | <transport-guarantee>NONE</transport-guarantee> | </user-data-constraint> | </security-constraint> | | <login-config> | <auth-method>FORM</auth-method> | <form-login-config> | <form-login-page>/restricted/login.jsp</form-login-page> | <form-error-page>/restricted/bad-login.jsp</form-error-page> | </form-login-config> | </login-config> | | <security-role> | <role-name>admin</role-name> | </security-role> | | </web-app> | View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4238939#4238939 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4238939 _______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user