Yes, a little flaw in the automated testing failed to find the problem.
I'll do a new release with a fix tonight.

----- Original Message -----
From: "François Charoy" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, June 22, 2001 8:35 AM
Subject: [JBoss-user] Changes in jboss security integration for 2.4beta


> Hi,
>
> I have just downloaded the new beta release (2.4) of jboss/tomcat
> integration, installed my application but
> it seems that the tomcat security integration does not work as it used to
> be. I'm using the DatabaseServerLoginModule
> and here is my auth.conf (inspired from the great Jaas how to that I
> followed step by step)
>
> When I try to access the servlet, a login window opens but it seems to have
> no effect on the server.
>
> and BTW what is this new file domain.xml ?
>
> François (going back to 2.2.2 for now :)
>
>
> auth.conf
> example1 {
> // A properties file LoginModule that supports CallerPrincipal mapping
>     org.jboss.security.auth.spi.UsersRolesLoginModule required
>     ;
> };
>
> example2 {
> /* A JDBC based LoginModule
> LoginModule options:
> dsJndiName: The name of the DataSource of the database containing the
> Principals, Roles tables
> principalsQuery: The prepared statement query equivalent to:
>     "select userPasswd from userss where userName=?"
> rolesQuery: The prepared statement query equivalent to:
>     "select Role, RoleGroup from Roles where userName=?"
> */
>     org.jboss.security.auth.spi.DatabaseServerLoginModule required
>     dsJndiName="java:/DefaultDS"
>     principalsQuery="select userPasswd from users where userName=?"
>     rolesQuery="select roleName, RoleGroup from Roles where userName=?"
>     ;
> };
>
> This is the only thing I changed in the new configuration
>
> Here are the other files that may be useful but they were working before....
>
> jboss-web
> <?xml version="1.0" encoding="UTF-8"?>
>
> <jboss-web>
>     <security-domain>java:/jaas/example2</security-domain>
>
> </jboss-web>
>
> web.xml
> <?xml version="1.0" encoding="Cp1252"?>
>
> <web-app>
>   <display-name>JUnit</display-name>
>   <description>This component contains the JUnit testing
> framework.</description>
>   <servlet>
>     <servlet-name>TestRunner</servlet-name>
>     <display-name>TestRunner</display-name>
>     <description>This servlet can invoke JUnit test cases in the context of
> a running application server.</description>
>     <servlet-class>junit.servletui.TestRunner</servlet-class>
>   </servlet>
>   <servlet-mapping>
>     <servlet-name>TestRunner</servlet-name>
>     <url-pattern>/protected/TestRunner</url-pattern>
>   </servlet-mapping>
>   <session-config>
>     <session-timeout>500</session-timeout>
>   </session-config>
>   <welcome-file-list>
>     <welcome-file>index.html</welcome-file>
>   </welcome-file-list>
>     <security-constraint>
>       <web-resource-collection>
>          <web-resource-name>Protected Area</web-resource-name>
>   <!-- Define the context-relative URL(s) to be protected -->
>          <url-pattern>/protected/*</url-pattern>
>   <!-- If you list http methods, only those methods are protected -->
>   <http-method>HEAD</http-method>
>   <http-method>DELETE</http-method>
>          <http-method>GET</http-method>
>          <http-method>POST</http-method>
>   <http-method>PUT</http-method>
>       </web-resource-collection>
>       <auth-constraint>
>          <role-name>Admin</role-name>
>   <role-name>role1</role-name>
>       </auth-constraint>
>     </security-constraint>
>
>     <!-- Form-based login is enabled by default.  If you wish to
>          try Basic authentication, comment out the <login-config>
>          section below and uncomment the one above. -->
>     <login-config>
>       <auth-method>BASIC</auth-method>
>       <realm-name>Example Form-Based Authentication Area</realm-name>
>     </login-config>
>
> </web-app>
>
>
>
>
>
> _______________________________________________
> JBoss-user mailing list
> [EMAIL PROTECTED]
> http://lists.sourceforge.net/lists/listinfo/jboss-user
>


_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user

Reply via email to