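/*
 * Martin Simka [http://community.jboss.org/people/simkam] created the discussion
 * "custom login module and admin-console"
 * Discussion: http://community.jboss.org/message/579061#579061
 *
 * Hi,
 * My custom login module authenticates the user against Active Directory and assigns
 * roles from a database. It works great with jmx-console but I can't get it to work with
 * admin-console. No error, no exception, just
 * HTTP Status 404 - /admin-console/loggedIn.seam after successful authentication.
 *
 * Login Module
 */

/**
 * JAAS login module that checks the supplied user name and password through
 * {@code LdapControl} and then loads the user's role names from a JDBC data source.
 *
 * <p>Module options read in {@link #initialize}: {@code ldap-url}, {@code ldap-domain},
 * {@code ldap-base-dn}, {@code application-name} and {@code ds-jndi-name}
 * (defaults to {@code java:/DefaultDS}).
 */
public class LdapDBLoginModule implements LoginModule {

    private static final String LDAP_URL = "ldap-url";
    private static final String LDAP_DOMAIN = "ldap-domain";
    private static final String LDAP_BASE_DN = "ldap-base-dn";
    private static final String APPLICATION_NAME = "application-name";
    private static final String DS_JNDI_NAME = "ds-jndi-name";
    private static final String QRY_PARAM_UZIVATEL = "uzivatel";
    private static final String QRY_PARAM_SKUPINA = "skupina";
    private static final String ROLE_QUERY = "SELECT nazev_role as role, uzivatel as uziv "
            + "FROM jbosslogin_pristupy pristup "
            + "LEFT JOIN jbosslogin_role role on pristup.role=role.id "
            + "LEFT JOIN jbosslogin_uzivatele uziv on uziv.username=pristup.uzivatel "
            + "WHERE role.aplikace=? and uziv.typ=?";

    private static final Logger logger = Logger.getLogger(LdapDBLoginModule.class.getName());

    private Subject subject;
    private CallbackHandler callbackHandler;
    private Map<String, ?> sharedState;
    private Map<String, ?> options;
    private boolean success = false;
    private MyPrincipal userPrincipal;
    private Set<String> roles;
    private String ldapUrl;
    private String ldapBaseDn;
    private String dsJndiName;
    private String applicationName;
    private String ldapDomain;

    /**
     * Stores the JAAS context objects and reads the module options.
     *
     * @param subject the subject to populate on commit
     * @param callbackHandler handler used to obtain the user name and password
     * @param sharedState state shared with other configured login modules (stored, not used here)
     * @param options module options from the login configuration
     */
    @Override
    public void initialize(Subject subject, CallbackHandler callbackHandler,
            Map<String, ?> sharedState, Map<String, ?> options) {
        logger.log(Level.INFO, "initialize login");
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = sharedState;
        this.options = options;
        this.ldapUrl = (String) options.get(LDAP_URL);
        this.ldapBaseDn = (String) options.get(LDAP_BASE_DN);
        this.dsJndiName = (String) options.get(DS_JNDI_NAME);
        if (dsJndiName == null) {
            dsJndiName = "java:/DefaultDS";
        }
        this.applicationName = (String) options.get(APPLICATION_NAME);
        this.ldapDomain = (String) options.get(LDAP_DOMAIN);
        roles = new HashSet<String>();
        logger.log(Level.INFO, "application {0}", applicationName);
        logger.log(Level.INFO, "dsJndiName {0}", dsJndiName);
    }

    /**
     * Authenticates the user against the directory and loads the roles from the database.
     *
     * @return {@code true} when authentication succeeded
     * @throws FailedLoginException when the credentials are blank, the directory rejects
     *         them, or the user has no role for this application
     * @throws LoginException when the callbacks, the directory or the database fail
     */
    @Override
    public boolean login() throws LoginException {
        logger.log(Level.INFO, "initialize login");
        // A module instance may be asked to log in again; never carry over an old result.
        success = false;
        if (callbackHandler == null) {
            logger.log(Level.INFO, "Chyba prihlaseni. Neni dostupny CallbackHandler");
            throw new LoginException("Chyba prihlaseni. Neni dostupny CallbackHandler");
        }
        NameCallback nc = new NameCallback("User name: ", "guest");
        PasswordCallback pc = new PasswordCallback("Password: ", false);
        Callback[] callbacks = {nc, pc};
        String username = null;
        String password = null;
        try {
            callbackHandler.handle(callbacks);
            username = nc.getName();
            // getPassword() returns a copy (or null); wipe the callback's own copy right away.
            char[] passwordChars = pc.getPassword();
            pc.clearPassword();

            // Reject blank credentials before contacting the directory. LdapControl is not
            // shown here; if it performs an LDAP simple bind, a bind with a name and an empty
            // password is an "unauthenticated bind" (RFC 4513) that some servers accept,
            // which would let any known user name log in.
            if (username == null || username.trim().length() == 0
                    || passwordChars == null || passwordChars.length == 0) {
                logger.log(Level.INFO, "Prihlaseni uzivatele {0} se nezdarilo, overeni proti domene.", username);
                throw new FailedLoginException("Prihlaseni uzivatele " + username + " se nezdarilo, overeni proti domene.");
            }
            // LdapControl takes a String, so one immutable copy is unavoidable here.
            password = new String(passwordChars);
            java.util.Arrays.fill(passwordChars, '\0');

            // The password is deliberately never logged: server logs are read, shipped and
            // archived far more widely than a credential should ever travel.
            logger.log(Level.INFO, "uzivatel {0}", username);
            try {
                LdapControl ldapControl = new LdapControl(ldapUrl, username + "@" + ldapDomain, password, ldapBaseDn);
                try {
                    ADUser adUser = ldapControl.getUserByUsername(username, ZdasFilters.ZDAS_USER_BY_USERNAME);
                    userPrincipal = parseAdUser(adUser);
                    roles = getDataZDb(username, adUser.getMemberOf());
                    if (roles.isEmpty()) {
                        logger.log(Level.INFO, "Prihlaseni uzivatele {0} se nezdarilo, overeni proti databazi pristupu.", username);
                        throw new FailedLoginException("Prihlaseni uzivatele " + username + " se nezdarilo, overeni proti databazi pristupu.");
                    }
                } catch (AdZaznamNenalezenException azne) {
                    // NOTE(review): this branch accepts the login with no roles and skips the
                    // database check that rejects every other user without roles - confirm
                    // that a user without a directory record is really meant to pass.
                    userPrincipal = new MyPrincipal(username, "", "", username, "");
                }
                success = true;
                logger.log(Level.INFO, "Uzivatel {0}prihlasenen. LoginOk: {1}", new Object[]{username, success});
                return true;
            } catch (AuthenticationException ae) {
                logger.log(Level.INFO, "Prihlaseni uzivatele {0} se nezdarilo, overeni proti domene.", username);
                throw new FailedLoginException("Prihlaseni uzivatele " + username + " se nezdarilo, overeni proti domene.");
            } catch (NamingException ne) {
                logger.log(Level.INFO, "Chyba prihlaseni. Chyba spojeni s LDAP");
                LoginException le = new LoginException("Chyba prihlaseni. Chyba spojeni s LDAP");
                le.initCause(ne);
                throw le;
            }
        } catch (IOException ioe) {
            logger.log(Level.INFO, "Chyba prihlaseni. Nepodarilo se precist username/password");
            LoginException le = new LoginException("Chyba prihlaseni. Nepodarilo se precist username/password");
            le.initCause(ioe);
            throw le;
        } catch (UnsupportedCallbackException uce) {
            logger.log(Level.INFO, "CallbackHandler nepodporuje: {0}", uce.getCallback());
            LoginException le = new LoginException("CallbackHandler nepodporuje: " + uce.getCallback());
            le.initCause(uce);
            throw le;
        }
    }

    /**
     * Adds the user principal and the role groups to the subject after a successful login.
     *
     * @return {@code false} when {@link #login()} did not succeed, otherwise {@code true}
     */
    @Override
    public boolean commit() throws LoginException {
        logger.log(Level.INFO, "commit, loginOk: {0}", success);
        if (!success) {
            return false;
        }
        Set principals = subject.getPrincipals();
        principals.add(userPrincipal);
        MyGroup group = new MyGroup("Roles");
        logger.log(Level.INFO, "Role: {0}", roles);
        // NOTE(review): JBoss role mapping conventionally reads the members of the single
        // group named "Roles". Here every role group also gets "Roles" as a member
        // (a membership cycle) and is added as a top-level principal as well; MyGroup is
        // not shown, so confirm how its isMember() copes with the cycle before relying on it.
        for (String str : roles) {
            MyGroup g = new MyGroup(str);
            g.addMember(group);
            principals.add(g);
            group.addMember(g);
        }
        principals.add(group);
        return true;
    }

    /**
     * Discards the login result and removes anything already added to the subject.
     *
     * @return always {@code true}
     */
    @Override
    public boolean abort() throws LoginException {
        logger.log(Level.INFO, "abort login");
        success = false;
        logout();
        return true;
    }

    /**
     * Removes the principals this module added to the subject.
     *
     * @return always {@code true}
     */
    @Override
    public boolean logout() throws LoginException {
        logger.log(Level.INFO, "logout");
        Set principals = subject.getPrincipals();
        // abort() calls this even when login() failed before a principal existed; the
        // subject's principal set rejects null arguments on current JDKs.
        if (userPrincipal != null) {
            principals.remove(userPrincipal);
        }
        MyGroup group = new MyGroup("Roles");
        for (String str : roles) {
            MyGroup myGroup = new MyGroup(str);
            principals.remove(myGroup);
            group.addMember(myGroup);
        }
        principals.remove(group);
        return true;
    }

    /**
     * Builds the user principal from a directory record. The personal number is the part
     * of the description before the first {@code ';'}, or the whole description when it
     * contains no {@code ';'}; it stays {@code null} when there is no description.
     */
    private MyPrincipal parseAdUser(ADUser adUser) {
        String desc = adUser.getDescription();
        String osobniCislo = null;
        if (desc != null) {
            // indexOf instead of split(";")[0]: split() drops trailing empty strings, so a
            // description of just ";" would yield an empty array and fail on index 0.
            int separator = desc.indexOf(';');
            osobniCislo = separator >= 0 ? desc.substring(0, separator) : desc;
        }
        return new MyPrincipal(adUser.getsAMAccountName(), adUser.getName(), adUser.getSn(),
                adUser.getDisplayName(), osobniCislo);
    }

    /**
     * Loads the role names granted to the user directly or through one of the user's groups.
     *
     * @param username user name to match against rows of type {@code uzivatel}
     * @param skupiny group names to match against rows of type {@code skupina}; may be null
     * @return the matching role names, possibly empty
     * @throws LoginException when the data source lookup or the query fails
     */
    private Set<String> getDataZDb(String username, List<String> skupiny) throws LoginException {
        Connection conn = null;
        PreparedStatement ps = null;
        ResultSet rs = null;
        try {
            InitialContext ic = new InitialContext();
            DataSource ds = (DataSource) ic.lookup(dsJndiName);
            conn = ds.getConnection();
            ps = conn.prepareStatement(ROLE_QUERY);
            ps.setString(1, applicationName);

            // First pass: roles granted to the user name itself.
            ps.setString(2, QRY_PARAM_UZIVATEL);
            rs = ps.executeQuery();
            Set<String> set = new HashSet<String>();
            while (rs.next()) {
                String u = rs.getString("uziv");
                if (u != null && u.trim().equals(username)) {
                    set.add(rs.getString("role"));
                }
            }
            rs.close();

            // Second pass: roles granted to any group the user belongs to.
            ps.setString(2, QRY_PARAM_SKUPINA);
            rs = ps.executeQuery();
            while (rs.next()) {
                String u = rs.getString("uziv");
                if (u == null || skupiny == null) {
                    continue;
                }
                for (String skup : skupiny) {
                    if (u.trim().equals(skup)) {
                        set.add(rs.getString("role"));
                        break;
                    }
                }
            }
            return set;
        } catch (NamingException ne) {
            logger.log(Level.INFO, "Chyba prihlasni. Chyba datasource.", ne);
            LoginException le = new LoginException("Chyba prihlasni. Chyba datasource.");
            le.initCause(ne);
            throw le;
        } catch (SQLException sqle) {
            logger.log(Level.INFO, "Chyba prihlasni. Chyba query.", sqle);
            LoginException le = new LoginException("Chyba prihlasni. Chyba query.");
            le.initCause(sqle);
            throw le;
        } finally {
            // Best-effort cleanup: a failure to close must not mask the login result.
            if (rs != null) {
                try {
                    rs.close();
                } catch (SQLException ignored) {
                }
            }
            if (ps != null) {
                try {
                    ps.close();
                } catch (SQLException ignored) {
                }
            }
            if (conn != null) {
                try {
                    conn.close();
                } catch (SQLException ignored) {
                }
            }
        }
    }
}

/*
 * Any idea? Also I'm not sure about the commit method. Maybe there is a mistake.
 * (jboss-6.0.0.Final)
 */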