[JBoss-user] [Security JAAS/JBoss] - Re: cannot get multiple realms to work with 3.2 (works well

2004-06-01 Thread Eelco69 
okay,

We host four websites in different realms, which all do a DatabaseLoginModule login. I 
have configured 4 datasources, which all use a different schema within the same oracle 
9.2 instance. 

In JBoss 3.07 production, this works perfectly. In the 3.2 version, I do not get any 
errors, only the first realm to login 'wins', and the others won't be able to login 
anymore. 

I was kind of hoping that configuration has changed with the new version. I know 
datasource configuration has changed, does it have anything to do with the JNDI 
bindings? In the former version, I had to configure in the datasource file the mbean 
ManagedConnectionPooleach time a different name for it to work. 

depends optional-attribute-name=ManagedConnectionPool
  !--embedded mbean--
  

In every datasource-service.xml, i have to change the name=OracleDS to a different 
name (DS1, DS2 etc). 

In the new oracle-ds.xml, that is not possible anymore, so I figure it is not 
necessary either. Or am I wrong, hopefully!!!

View the original post : 
http://www.jboss.org/index.html?module=bbop=viewtopicp=3837023#3837023

Reply to the post : 
http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3837023



---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

[JBoss-user] [Security JAAS/JBoss] - Re: cannot get multiple realms to work with 3.2 (works well

2004-06-01 Thread Eelco69 
In addition: I don't get any errors, just my page won't show the right things because 
the principal is null..

View the original post : 
http://www.jboss.org/index.html?module=bbop=viewtopicp=3837024#3837024

Reply to the post : 
http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3837024



---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

[JBoss-user] [Security JAAS/JBoss] - Re: cannot get multiple realms to work with 3.2 (works well

2004-06-01 Thread Eelco69 
It is all restricted content. The whole website contains confidential information:
security-constraint 
web-resource-collection 
web-resource-nameRestricted/web-resource-name 
Declarative security tests 
url-pattern/restricted/*/url-pattern 
http-methodHEAD/http-method 
http-methodGET/http-method 
http-methodPOST/http-method 
http-methodPUT/http-method 
http-methodDELETE/http-method 
/web-resource-collection 
auth-constraint 
role-namerole1/role-name 
/auth-constraint 
user-data-constraint 
no description 
transport-guaranteeGUARANTEED/transport-guarantee 
/user-data-constraint 
/security-constraint 

It looks like it has something to do with datasource JNDI binding, as if the first 
datasource is the only one to get a user. It does login correctly, but after that the 
page just shows the elements that are not user-dependent. 

For example, I have a menu. I have struts in conjunction with XML/XSL setup. So the 
controller struts processor executes by passing the request form (action form) to a 
class which retrieves XML from businessobjects. So the menu page loads by getting 
user, and depending on the user giving back xml:

if (_user.shouldChangePassword()) {
  | buffer
  | .append(menugroup id=\personal\ 
menutitle=\Personal site\\n)
  | .append(  menuitem\n)
  | .append( item_idlogin/item_id\n)
  | .append( do_autotrue/do_auto\n)
  | .append( menu_idmenu1/menu_id\n)
  | .append( 
menu_actionmove('userdata.do');/menu_action\n)
  | .append( menutitel)
  | .append(Inloggegevens)
  | .append(/menutitel\n)
  | .append( 
menueventmove('userdata.do');/menuevent\n)
  | .append(  /menuitem\n)
  | .append(/menugroup\n)
  | .append(\n);
  | } else {

etc.

The menupage also has an xsl, and the action transforms the xml to html using this 
xsl. The page the is written to the response. In the case of jboss 3.07, alls well. In 
the case of 3.2.x, first realm to login is well, even multiple users on that realm get 
their own menus perfectly. 

However, loggin in to a second realm (different customer) the menu just shows the 
stuff that is not user-dependent.

All is https...

View the original post : 
http://www.jboss.org/index.html?module=bbop=viewtopicp=3837073#3837073

Reply to the post : 
http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3837073



---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

[JBoss-user] [Security JAAS/JBoss] - cannot get multiple realms to work with 3.2 (works well in 3

2004-05-30 Thread Eelco69 
Hello,

I have searched all forums, haven't been able to find something about my problem. I 
have multiple websites in production running on a 3.0.7 JBoss Server. Everything works 
fine. However, I am now trying to get the same websites running under 3.2. Now 
something weird happens: The first realm I enter everything is well. The second realm 
however, gets a null principal. Here is the configuration: 

oracle-ds file:
 
  local-tx-datasource
jndi-namex1_datasource/jndi-name

connection-urljdbc:oracle:thin:@(description=(address=(host=myHost)(protocol=tcp)(port=1521))(connect_data=(SERVICE_NAME=mySid)))/connection-url
driver-classoracle.jdbc.driver.OracleDriver/driver-class
user-namex1/user-name
xx

exception-sorter-class-nameorg.jboss.resource.adapter.jdbc.vendor.OracleExceptionSorter/exception-sorter-class-name
  /local-tx-datasource
  local-tx-datasource
jndi-namex2_datasource/jndi-name

connection-urljdbc:oracle:thin:@(description=(address=(host=myHost)(protocol=tcp)(port=1521))(connect_data=(SERVICE_NAME=mySid)))/connection-url
driver-classoracle.jdbc.driver.OracleDriver/driver-class
user-namex2/user-name
x

exception-sorter-class-nameorg.jboss.resource.adapter.jdbc.vendor.OracleExceptionSorter/exception-sorter-class-name
  /local-tx-datasource
  local-tx-datasource
jndi-namex3_datasource/jndi-name

connection-urljdbc:oracle:thin:@(description=(address=(host=myhost)(protocol=tcp)(port=1521))(connect_data=(SERVICE_NAME=mySid)))/connection-url
driver-classoracle.jdbc.driver.OracleDriver/driver-class
user-namex3/user-name
x

exception-sorter-class-nameorg.jboss.resource.adapter.jdbc.vendor.OracleExceptionSorter/exception-sorter-class-name
  /local-tx-datasource
  local-tx-datasource
jndi-namex4_datasource/jndi-name

connection-urljdbc:oracle:thin:@(description=(address=(host=myHost)(protocol=tcp)(port=1521))(connect_data=(SERVICE_NAME=mySid)))/connection-url
driver-classoracle.jdbc.driver.OracleDriver/driver-class
user-namex4/user-name
x

exception-sorter-class-nameorg.jboss.resource.adapter.jdbc.vendor.OracleExceptionSorter/exception-sorter-class-name
  /local-tx-datasource
  


in login-config.xml i have set up application-policies:

application-policy name = xx1 
   
login-module code = org.jboss.security.auth.spi.DatabaseServerLoginModule 
flag = required 
  module-option name=dsJndiNamejava:/x1_datasource/module-option
  module-option name=principalsQueryselect wachtwoord from gebruikers 
where upper (key_gebruiker) = upper (?)/module-option 
  module-option name=rolesQueryselect key_rol, 'Roles' from 
gebruikers_rollen, gebruikers where upper (key_gebruiker) = upper (?) and 
gebruikers.id_gebruiker = gebruikers_rollen.id_gebruiker/module-option 
/login-module 
   
/application-policy

four times (for every realm one)

every jboss-web.xml shows as follows, only the jndi call is different (pointing to one 
of the above datasources)

?xml version=1.0 encoding=UTF-8?
jboss-web
context-root/xxroot/context-root
security-domainjava:/jaas/xx1/security-domain
resource-ref
res-ref-namejdbc/x1_datasource/res-ref-name
res-typejavax.sql.DataSource/res-type
jndi-namejava:/x1_datasource/jndi-name
/resource-ref
/jboss-web

and in the web.xml: (only the auth/datasource part showing here)

  resource-ref 
Datasource for x1 
res-ref-namejdbc/x1_datasource/res-ref-name 
res-typejavax.sql.DataSource/res-type 
res-authContainer/res-auth 
  /resource-ref

  security-constraint
web-resource-collection
  web-resource-nameRestricted/web-resource-name
  Declarative security tests
  url-pattern/restricted/*/url-pattern
  http-methodHEAD/http-method
  http-methodGET/http-method
  http-methodPOST/http-method
  http-methodPUT/http-method
  http-methodDELETE/http-method
/web-resource-collection
auth-constraint
  role-namerole1/role-name
/auth-constraint
user-data-constraint
  no description
  transport-guaranteeGUARANTEED/transport-guarantee
/user-data-constraint
  /security-constraint
  
  login-config
auth-methodBASIC/auth-method
realm-namexx1/realm-name
  /login-config

Now why doesn't it work in 3.2.4 anymore

Funny thing is, the first realm to do authentication will succeed after starting the 
server, every next realm will fail. 

Please help

View the original post : 
http://www.jboss.org/index.html?module=bbop=viewtopicp=3836908#3836908

Reply to the post : 
http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3836908



---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an