On further testing and research, it looks like I
was not failing authentication -- rather, I was authenticated, but I was not
assigned the role, "Player".
This explains why I was not routed to the
authentication failure page. However, I am still at a loss to see why I am
not being placed in the "Player" role.
I am logging in with a username of "jrssnyder", the
DatabaseServerLoginModule specifies a rolesQuery of "select securityRoleName,
securityRoleGroupName from app.SecurityRole where principalid=?", and when I run
the query, " select securityRoleName, securityRoleGroupName from
app.SecurityRole where principalid='jrssnyder' " I get back: a securityRoleName
of "Player" and a securityRoleGroupName of "PlayerGroup".
Yet, when I create a JSP page to handle the 403
error, request.isUserInRole(''Player'') returns false.
Why would this be?
Please help if you can,
-- Thanks a lot.
***
Former post:
Hello all,I am trying to use the DatabaseServerLoginModule with
=jboss-3.0.0_tomcat-4.0.3, using a FORM login. All I am trying to do at
=this point is to secure a JSP page called Office.jsp.When I try to
go to the JSP page, the login page comes up, as expected =based on the
web.xml configuration. When I fill in the username and =password (for
j_username and j_password), then click the submit button
=(action="3D"j_security_check")," the JBoss console displays, "Added
=PC_CloudscapeDbRealm, =org.jboss.security.plugins.SecurityDomainContext@a631cc
to map", which I =believe is telling me that JBoss is applying the
PC_CloudscapeDbRealm =security realm, which is what I want.My
problem is twofold:First, I am not authenticated when I log in with a
username/password =combination that should pass authentication (the
combination is in my =security table).Second, if authentication
fails, I should be redirected to the failed =login page specified in my
web.xml file, but I am not -- instead, the =web browser just displays a
Status 403 page, saying, "message Access to =the requested resource has been
denied" and "description Access to the =specified resource (Access to the
requested resource has been denied) =has been forbidden."=20Can anyone
please explain this behavior, and more importantly, how to =fix it? The
relevant configuration files are as follows (in relevant
=part):web.xml:=20Office/jsp/Office.jsp=20Player=20FORMPC_CloudscapeDbRealm=20/html/Login.html/html/Login.html?valid=3Dno=20jboss-web.xml
(in WEB-INF directory of war
file):java:/jaas/PC_CloudscapeDbRealmlogin-config.xml:"org.jboss.resource.security.ConfiguredIdentityLoginModule" flag
=3D ="required">pcpc"managedConnectionFactoryName">jboss.jca:service=3DLocalTxCM,name=3DCloud=scapeDS"org.jboss.security.auth.spi.DatabaseServerLoginModule" flag =3D
="required">java:/CloudscapeDSselect password from app.Player =where
playername=3D?select securityRoleName, =securityRoleGroupName from
app.SecurityRole where
=principalid=3D?"managedConnectionFactoryName">jboss.jca:service=3DLocalTxCM,name=3DCloud=scapeDSAny
help would be greatly appreciated.Thanks a lot in advance,--
John
