On further testing and research, it looks like I
was not failing authentication -- rather, I was authenticated, but I was not
assigned the role, "Player".
This explains why I was not routed to the
authentication failure page. However, I am still at a loss to see why I am
not being placed in the "Player" role.
I am logging in with a username of "jrssnyder", the
DatabaseServerLoginModule specifies a rolesQuery of "select securityRoleName,
securityRoleGroupName from app.SecurityRole where principalid=?", and when I run
the query, " select securityRoleName, securityRoleGroupName from
app.SecurityRole where principalid='jrssnyder' " I get back: a securityRoleName
of "Player" and a securityRoleGroupName of "PlayerGroup".
Yet, when I create a JSP page to handle the 403
error, request.isUserInRole(''Player'') returns false.
Why would this be?
Please help if you can,
-- Thanks a lot.
*******************************************
Former post:
Hello all,
I am trying to use the DatabaseServerLoginModule with = jboss-3.0.0_tomcat-4.0.3, using a FORM login. All I am trying to do at = this point is to secure a JSP page called Office.jsp. When I try to go to the JSP page, the login page comes up, as expected = based on the web.xml configuration. When I fill in the username and = password (for j_username and j_password), then click the submit button = (action="3D"j_security_check")," the JBoss console displays, "Added = PC_CloudscapeDbRealm, = org.jboss.security.plugins.SecurityDomainContext@a631cc to map", which I = believe is telling me that JBoss is applying the PC_CloudscapeDbRealm = security realm, which is what I want. My problem is twofold: First, I am not authenticated when I log in with a username/password = combination that should pass authentication (the combination is in my = security table). Second, if authentication fails, I should be redirected to the failed = login page specified in my web.xml file, but I am not -- instead, the = web browser just displays a Status 403 page, saying, "message Access to = the requested resource has been denied" and "description Access to the = specified resource (Access to the requested resource has been denied) = has been forbidden."=20 Can anyone please explain this behavior, and more importantly, how to = fix it? The relevant configuration files are as follows (in relevant = part): web.xml: <!-- Security --> <security-constraint>=20 <web-resource-collection> <web-resource-name>Office</web-resource-name> <url-pattern>/jsp/Office.jsp</url-pattern> </web-resource-collection>=20 <auth-constraint> <!-- Anyone with one of the listed roles may access this area --> <role-name>Player</role-name> </auth-constraint> </security-constraint>=20 <!-- The <realm-name> in web.xml must match with the = <application-policy> entry in=20 login-config.xml for JBoss' JAAS --> <login-config> <auth-method>FORM</auth-method> <realm-name>PC_CloudscapeDbRealm</realm-name> <form-login-config>=20 <form-login-page>/html/Login.html</form-login-page> <form-error-page>/html/Login.html?valid=3Dno</form-error-page> </form-login-config>=20 </login-config> jboss-web.xml (in WEB-INF directory of war file): <jboss-web> <security-domain>java:/jaas/PC_CloudscapeDbRealm</security-domain> </jboss-web> login-config.xml: <application-policy name =3D "CloudscapeDbRealm"> <authentication> <login-module code =3D = "org.jboss.resource.security.ConfiguredIdentityLoginModule" flag =3D = "required"> <module-option name =3D "principal">pc</module-option> <module-option name =3D "userName">pc</module-option> <module-option name =3D "password"></module-option> <module-option name =3D = "managedConnectionFactoryName">jboss.jca:service=3DLocalTxCM,name=3DCloud= scapeDS</module-option> </login-module> </authentication> </application-policy> <application-policy name =3D "PC_CloudscapeDbRealm"> <authentication> <login-module code =3D = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag =3D = "required"> <module-option name=3D"dsJndiName">java:/CloudscapeDS</module-option> <module-option name=3D"principalsQuery">select password from app.Player = where playername=3D?</module-option> <module-option name=3D"rolesQuery">select securityRoleName, = securityRoleGroupName from app.SecurityRole where = principalid=3D?</module-option> <module-option name =3D = "managedConnectionFactoryName">jboss.jca:service=3DLocalTxCM,name=3DCloud= scapeDS</module-option> </login-module> </authentication> </application-policy> Any help would be greatly appreciated. Thanks a lot in advance, -- John |