Re: [JBoss-user] No auth prompt using security-constraint

Wed, 19 Jun 2002 00:01:48 -0700 

I have got the same problem in JBoss3.0fr. I think it is because of my
incorrect login-config.xml, for if i change the <security-domain> in
jboss-web.xml to an invalid one auth will pop up indicating default
UsersRolesLoginModule works.

Could anyone show me where i miss in my login-config.xml ? Attached is a
part of my login-config.xml and WEB-INF files of my war.
Thanks for reading.

regards,
Cloudor

> ----- Original Message -----
> From: "Piwowar, Heather" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Friday, May 31, 2002 8:47 AM
> Subject: [JBoss-user] No auth prompt using security-constraint
> 
> 
> > I'm trying to get BASIC auth up and running for my web application. I have
> > modified my web.xml file (see below). The implementation works fine under
> > the J2EE reference implementation (I get prompted for a username and
> > password when I try to reference the page).
> >
> > However, When I try to deploy my EAR under Jboss-2.4.4_Tomcat-4.0.1, I do
> > not get prompted for a username and password... it acts as if the
> > security-contraint is not set. There are no errors in loading the EAR or
> > showing the page (see below).
> >
> > Any ideas? I'm feeling really stuck!
> >
> > Thanks so much,
> > Heather


   <application-policy name="mydomain">
       <authentication>
          <login-module code="org.jboss.security.ClientLoginModule"
             flag = "required">
          </login-module>
          <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
             flag = "required">
             <module-option name="dsJndiName">java:/MySqlDS</module-option>
             <module-option name="principalsQuery">
                select passwd from Passwd where username=?
             </module-option>
             <module-option name="rolesQuery">
                select role, 'Roles' from Roles where username=?
             </module-option>
             <module-option name="unauthenticatedIdentity">nobody</module-option>
          </login-module>
       </authentication>
    </application-policy>


<?xml version="1.0" encoding="UTF8"?>

<!DOCTYPE web-app
    PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
    "http://java.sun.com/dtd/web-app_2_3.dtd";>

<web-app>
   <security-constraint>
      <web-resource-collection>
         <web-resource-name>ROOT</web-resource-name>
         <url-pattern>/*</url-pattern>
      </web-resource-collection>
      <auth-constraint>
         <role-name>echo</role-name>
      </auth-constraint>
   </security-constraint>
   <login-config>
      <auth-method>BASIC</auth-method>
   </login-config>
      
</web-app>

<jboss-web>
	<context-root>/</context-root>
   <security-domain>java:/jaas/mydomain</security-domain>
</jboss-web>

Reply via email to