Hello all,
I am trying to use the DatabaseServerLoginModule
with jboss-3.0.0_tomcat-4.0.3, using a FORM login. All I am trying to do at this
point is to secure a JSP page called Office.jsp.
When I try to go to the JSP page, the login page
comes up, as expected based on the web.xml configuration. When I fill in the
username and password (for j_username and j_password), then click the submit
button (action="j_security_check"), the JBoss console displays, "Added
PC_CloudscapeDbRealm, org.jboss.security.plugins.SecurityDomainContext@a631cc to
map", which I believe is telling me that JBoss is applying the
PC_CloudscapeDbRealm security realm, which is what I want.
My problem is twofold:
First, I am not authenticated when I log in with a
username/password combination that should pass authentication (the combination
is in my security table).
Second, if authentication fails, I should be
redirected to the failed login page specified in my web.xml file, but I am not
-- instead, the web browser just displays a Status 403 page, saying, "message
Access to the requested resource has been denied" and "description Access to the
specified resource (Access to the requested resource has been denied) has been
forbidden."
Can anyone please explain this behavior, and more
importantly, how to fix it? The relevant configuration files are as follows (in
relevant part):
web.xml:
<!-- Security -->
<security-constraint>
  <web-resource-collection>
    <web-resource-name>Office</web-resource-name>
    <url-pattern>/jsp/Office.jsp</url-pattern>
  </web-resource-collection>
  <auth-constraint>
    <!-- Anyone with one of the listed roles may access this area -->
    <role-name>Player</role-name>
  </auth-constraint>
</security-constraint>
<!-- The <realm-name> in web.xml must match with the <application-policy>
     entry in login-config.xml for JBoss' JAAS -->
<login-config>
  <auth-method>FORM</auth-method>
  <realm-name>PC_CloudscapeDbRealm</realm-name>
  <form-login-config>
    <form-login-page>/html/Login.html</form-login-page>
    <form-error-page>/html/Login.html?valid=no</form-error-page>
  </form-login-config>
</login-config>
jboss-web.xml (in WEB-INF directory of war file):
<jboss-web>
  <security-domain>java:/jaas/PC_CloudscapeDbRealm</security-domain>
</jboss-web>
login-config.xml:
<application-policy name="CloudscapeDbRealm">
  <authentication>
    <login-module code="org.jboss.resource.security.ConfiguredIdentityLoginModule" flag="required">
      <module-option name="principal">pc</module-option>
      <module-option name="userName">pc</module-option>
      <module-option name="password"></module-option>
      <module-option name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=CloudscapeDS</module-option>
    </login-module>
  </authentication>
</application-policy>
<application-policy name="PC_CloudscapeDbRealm">
  <authentication>
    <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
      <module-option name="dsJndiName">java:/CloudscapeDS</module-option>
      <module-option name="principalsQuery">select password from app.Player where playername=?</module-option>
      <module-option name="rolesQuery">select securityRoleName, securityRoleGroupName from app.SecurityRole where principalid=?</module-option>
      <module-option name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=CloudscapeDS</module-option>
    </login-module>
  </authentication>
</application-policy>
Any help would be greatly appreciated.
Thanks a lot in advance,
-- John
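
Added example, not part of John's message and not JBoss code: a Python check that cross-references the three descriptors quoted above, following the rule in the web.xml comment that the realm-name must match an application-policy entry. The <web-app> and <policy> root elements, the function name check_security_domain, and the rule that each query binds exactly one parameter are assumptions of this example.

```python
import xml.etree.ElementTree as ET

JAAS_PREFIX = "java:/jaas/"

# Constructed samples: the post's values, trimmed, inside assumed root elements.
WEB_XML = """<web-app><login-config>
  <auth-method>FORM</auth-method>
  <realm-name>PC_CloudscapeDbRealm</realm-name>
</login-config></web-app>"""
JBOSS_WEB_XML = """<jboss-web>
  <security-domain>java:/jaas/PC_CloudscapeDbRealm</security-domain>
</jboss-web>"""
LOGIN_CONFIG_XML = """<policy><application-policy name="PC_CloudscapeDbRealm">
  <authentication><login-module flag="required"
      code="org.jboss.security.auth.spi.DatabaseServerLoginModule">
    <module-option name="dsJndiName">java:/CloudscapeDS</module-option>
    <module-option name="principalsQuery">select password from app.Player where playername=?</module-option>
    <module-option name="rolesQuery">select securityRoleName, securityRoleGroupName from app.SecurityRole where principalid=?</module-option>
  </login-module></authentication>
</application-policy></policy>"""


def check_security_domain(web_xml, jboss_web_xml, login_config_xml):
    """Return a list of mismatches between the three descriptors."""
    findings = []
    policies = {p.get("name"): p for p in
                ET.fromstring(login_config_xml).iter("application-policy")}
    realm = (ET.fromstring(web_xml).findtext(".//realm-name") or "").strip()
    domain = (ET.fromstring(jboss_web_xml).findtext("security-domain") or "").strip()
    if domain.startswith(JAAS_PREFIX):
        domain = domain[len(JAAS_PREFIX):]
    else:
        findings.append(f"security-domain {domain!r} lacks the {JAAS_PREFIX} prefix")
    for label, name in (("realm-name", realm), ("security-domain", domain)):
        if name not in policies:
            findings.append(f"{label} {name!r} has no application-policy")
    for module in (policies[domain].iter("login-module") if domain in policies else ()):
        if not module.get("code", "").endswith("DatabaseServerLoginModule"):
            continue
        opts = {o.get("name"): o.text or "" for o in module.iter("module-option")}
        for query in ("principalsQuery", "rolesQuery"):
            # Assumption: each query binds one parameter (the login name).
            if opts.get(query, "").count("?") != 1:
                findings.append(f"{query} needs exactly one '?' placeholder")
    return findings


if __name__ == "__main__":
    print(check_security_domain(WEB_XML, JBOSS_WEB_XML, LOGIN_CONFIG_XML) or "consistent")
```

An empty result only means the names and placeholders line up across the files; it does not exercise the datasource or the table contents.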