[JBoss-user] [Security JAAS/JBoss] - Re: cannot get multiple realms to work with 3.2 (works well
okay, We host four websites in different realms, which all do a DatabaseLoginModule login. I have configured 4 datasources, which all use a different schema within the same oracle 9.2 instance. In JBoss 3.07 production, this works perfectly. In the 3.2 version, I do not get any errors, only the first realm to login 'wins', and the others won't be able to login anymore. I was kind of hoping that configuration has changed with the new version. I know datasource configuration has changed, does it have anything to do with the JNDI bindings? In the former version, I had to configure in the datasource file the mbean ManagedConnectionPooleach time a different name for it to work. depends optional-attribute-name=ManagedConnectionPool !--embedded mbean-- In every datasource-service.xml, i have to change the name=OracleDS to a different name (DS1, DS2 etc). In the new oracle-ds.xml, that is not possible anymore, so I figure it is not necessary either. Or am I wrong, hopefully!!! View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3837023#3837023 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3837023 --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: cannot get multiple realms to work with 3.2 (works well
In addition: I don't get any errors, just my page won't show the right things because the principal is null.. View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3837024#3837024 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3837024 --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: cannot get multiple realms to work with 3.2 (works well
It is all restricted content. The whole website contains confidential information: security-constraint web-resource-collection web-resource-nameRestricted/web-resource-name Declarative security tests url-pattern/restricted/*/url-pattern http-methodHEAD/http-method http-methodGET/http-method http-methodPOST/http-method http-methodPUT/http-method http-methodDELETE/http-method /web-resource-collection auth-constraint role-namerole1/role-name /auth-constraint user-data-constraint no description transport-guaranteeGUARANTEED/transport-guarantee /user-data-constraint /security-constraint It looks like it has something to do with datasource JNDI binding, as if the first datasource is the only one to get a user. It does login correctly, but after that the page just shows the elements that are not user-dependent. For example, I have a menu. I have struts in conjunction with XML/XSL setup. So the controller struts processor executes by passing the request form (action form) to a class which retrieves XML from businessobjects. So the menu page loads by getting user, and depending on the user giving back xml: if (_user.shouldChangePassword()) { | buffer | .append(menugroup id=\personal\ menutitle=\Personal site\\n) | .append( menuitem\n) | .append( item_idlogin/item_id\n) | .append( do_autotrue/do_auto\n) | .append( menu_idmenu1/menu_id\n) | .append( menu_actionmove('userdata.do');/menu_action\n) | .append( menutitel) | .append(Inloggegevens) | .append(/menutitel\n) | .append( menueventmove('userdata.do');/menuevent\n) | .append( /menuitem\n) | .append(/menugroup\n) | .append(\n); | } else { etc. The menupage also has an xsl, and the action transforms the xml to html using this xsl. The page the is written to the response. In the case of jboss 3.07, alls well. In the case of 3.2.x, first realm to login is well, even multiple users on that realm get their own menus perfectly. However, loggin in to a second realm (different customer) the menu just shows the stuff that is not user-dependent. All is https... View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3837073#3837073 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3837073 --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - cannot get multiple realms to work with 3.2 (works well in 3
Hello, I have searched all forums, haven't been able to find something about my problem. I have multiple websites in production running on a 3.0.7 JBoss Server. Everything works fine. However, I am now trying to get the same websites running under 3.2. Now something weird happens: The first realm I enter everything is well. The second realm however, gets a null principal. Here is the configuration: oracle-ds file: local-tx-datasource jndi-namex1_datasource/jndi-name connection-urljdbc:oracle:thin:@(description=(address=(host=myHost)(protocol=tcp)(port=1521))(connect_data=(SERVICE_NAME=mySid)))/connection-url driver-classoracle.jdbc.driver.OracleDriver/driver-class user-namex1/user-name xx exception-sorter-class-nameorg.jboss.resource.adapter.jdbc.vendor.OracleExceptionSorter/exception-sorter-class-name /local-tx-datasource local-tx-datasource jndi-namex2_datasource/jndi-name connection-urljdbc:oracle:thin:@(description=(address=(host=myHost)(protocol=tcp)(port=1521))(connect_data=(SERVICE_NAME=mySid)))/connection-url driver-classoracle.jdbc.driver.OracleDriver/driver-class user-namex2/user-name x exception-sorter-class-nameorg.jboss.resource.adapter.jdbc.vendor.OracleExceptionSorter/exception-sorter-class-name /local-tx-datasource local-tx-datasource jndi-namex3_datasource/jndi-name connection-urljdbc:oracle:thin:@(description=(address=(host=myhost)(protocol=tcp)(port=1521))(connect_data=(SERVICE_NAME=mySid)))/connection-url driver-classoracle.jdbc.driver.OracleDriver/driver-class user-namex3/user-name x exception-sorter-class-nameorg.jboss.resource.adapter.jdbc.vendor.OracleExceptionSorter/exception-sorter-class-name /local-tx-datasource local-tx-datasource jndi-namex4_datasource/jndi-name connection-urljdbc:oracle:thin:@(description=(address=(host=myHost)(protocol=tcp)(port=1521))(connect_data=(SERVICE_NAME=mySid)))/connection-url driver-classoracle.jdbc.driver.OracleDriver/driver-class user-namex4/user-name x exception-sorter-class-nameorg.jboss.resource.adapter.jdbc.vendor.OracleExceptionSorter/exception-sorter-class-name /local-tx-datasource in login-config.xml i have set up application-policies: application-policy name = xx1 login-module code = org.jboss.security.auth.spi.DatabaseServerLoginModule flag = required module-option name=dsJndiNamejava:/x1_datasource/module-option module-option name=principalsQueryselect wachtwoord from gebruikers where upper (key_gebruiker) = upper (?)/module-option module-option name=rolesQueryselect key_rol, 'Roles' from gebruikers_rollen, gebruikers where upper (key_gebruiker) = upper (?) and gebruikers.id_gebruiker = gebruikers_rollen.id_gebruiker/module-option /login-module /application-policy four times (for every realm one) every jboss-web.xml shows as follows, only the jndi call is different (pointing to one of the above datasources) ?xml version=1.0 encoding=UTF-8? jboss-web context-root/xxroot/context-root security-domainjava:/jaas/xx1/security-domain resource-ref res-ref-namejdbc/x1_datasource/res-ref-name res-typejavax.sql.DataSource/res-type jndi-namejava:/x1_datasource/jndi-name /resource-ref /jboss-web and in the web.xml: (only the auth/datasource part showing here) resource-ref Datasource for x1 res-ref-namejdbc/x1_datasource/res-ref-name res-typejavax.sql.DataSource/res-type res-authContainer/res-auth /resource-ref security-constraint web-resource-collection web-resource-nameRestricted/web-resource-name Declarative security tests url-pattern/restricted/*/url-pattern http-methodHEAD/http-method http-methodGET/http-method http-methodPOST/http-method http-methodPUT/http-method http-methodDELETE/http-method /web-resource-collection auth-constraint role-namerole1/role-name /auth-constraint user-data-constraint no description transport-guaranteeGUARANTEED/transport-guarantee /user-data-constraint /security-constraint login-config auth-methodBASIC/auth-method realm-namexx1/realm-name /login-config Now why doesn't it work in 3.2.4 anymore Funny thing is, the first realm to do authentication will succeed after starting the server, every next realm will fail. Please help View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3836908#3836908 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3836908 --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an