Hi All,
This subject has been raised in the past many times. I have gone through
almost all, but none could solve my problem. Also to mention that, those
discussions were on earlier versions of JBoss.
I am using JBoss v 4.0.2,.I have implemented form-based authentication,
in which the form submits to a Servlet which performs the authentication.
Without any problem, the login happens, however I am getting
request.getUserPrincipal() as null. I also check for the roles, that always
return false even for the successful logins (This must be obvious, as
principal is null. If not please do explain that too!)
Below are my code snippets:
******************* Login Servlet ******************************
public class LoginServlet extends HttpServlet
| {
| public void doPost(HttpServletRequest request, HttpServletResponse
| response) throws IOException
|
| { // ...
|
| SecurityAssociationHandler handler = new
SecurityAssociationHandler();
| Principal user = new SimplePrincipal(username);
| handler.setSecurityInfo(user, password.toCharArray());
|
| try
| {
| LoginContext loginContext = new LoginContext("ODBCRealm",
| (CallbackHandler)handler);
| loginContext.login();
| Subject subject = loginContext.getSubject();
| Set principals = subject.getPrincipals();
| principals.add(user);
|
| title = "Login Suceess";
| message="<h1>Login Success</h1>";
| message = message + "<br/>Hi "+request.getUserPrincipal()+" !";
| message = message + "Servlet: : You belong to the following
roles:<br/> <blockquote><ol>";
| if(request.isUserInRole("admin"))
| {
| message = message +"<li>admin,</li> ";
| }
|
| if (request.isUserInRole("loginUser"))
| {
| message = message +"<li>loginUser, </li>";
| }
| if (request.isUserInRole("role1"))
| {
| message = message +"<li>role1,</li> ";
| }
| message = message+"</ol></blockquote>";
| }
| catch (LoginException le)
| {
| title = "Login Failed";
| message="<h1>Login Failed</h1>";
| }
| response.setContentType("text/html");
| PrintWriter out = response.getWriter();
|
out.println("<html><head><title>"+title+"</title><body>"+message+"</body></h
| tml>");
|
| }
| }
************* login-config.xml *******************************
<policy>
|
| <application-policy name = "client-login">
| <authentication>
| <login-module code = "org.jboss.security.ClientLoginModule"
| flag = "required">
| </login-module>
| </authentication>
| </application-policy>
|
| <application-policy name="ODBCRealm">
| <authentication>
| <login-module
| code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag="required">
| <module-option name="dsJndiName">java:/ODBCDS</module-option>
| <module-option name="principalsQuery">
| Select Password from Principals where PrincipalID =
?</module-option>
| <module-option name="rolesQuery">
| Select Role 'Roles', RoleGroup 'RoleGroups' from Roles where
| PrincipalID =?</module-option>
| </login-module>
| </authentication>
| </application-policy>
|
| <authentication>
| <login-module code =
"org.jboss.security.auth.spi.UsersRolesLoginModule"
| flag = "required" />
| </authentication>
| </application-policy>
|
| <!?Standard tags shipped with JBoss are intact -->
|
| </policy>
This much code may be enough. If more is required, do ask me. Also
there was no error message in the logs.
Any help in this regard would be appretiated
Thanks in advance
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3902759#3902759
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3902759
-------------------------------------------------------
This SF.Net email is sponsored by:
Power Architecture Resource Center: Free content, downloads, discussions,
and more. http://solutions.newsforge.com/ibmarch.tmpl
_______________________________________________
JBoss-user mailing list
JBoss-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-user
