I appologize for this Off-Topic message, but I desperatly need help! I have been fighting with the JBoss DatabaseServerLoginModule for almost 2 months now without success. I have tried an infinite number of combinations to try to get to a _SIMPLE_ solution as outlined by the JBoss manual, the JAAS article in JavaWorld, and hundreds of documents and examples from all over the internet.
Well, I just don't have anymore time to waste as my deadline is now 48 hours away! I desperately need help: 1. Find someone to offer some help to resolve this by Friday. 2. Direct me somewhere to find the help I need 3. Tell who would be willing to have me hire them for the help I need. Here is my current situation: I am using JBoss 3.0.6 with Catalina on NT 4.0, MySql, XDoclet 1.2, Struts 1.1rc1, JDK 1.4. I create a beans.jar, common.jar, app.war and package everything into app.ear. The only things that are not in my EAR are the mysql-service.xml, auth.conf, login-config.xml, and server.policy which reside in the $JBOSS_HOME\server\default\conf and the $JBOSS_HOME\server\default\deploy directories. I also attached all the above file in a zip file here in this message. I have the DatabaseServerLoginModule configured and it seems to be operating, but not correctly. When I try to access a page under /private/* I get forwarded to /logon.jsp correctly. My MySql Database has 2 tables: TABLE_USER: columns: username, password TABLE_USER_ROLES: columns: username, user_roles, user_group TABLE_USER: data: "mick", "mickPassword" TABLE_USER_ROLES: data1: "mick", "user", "user" TABLE_USER_ROLES: data2: "mick", "admin", "admin" I then type in j_username: "mick", j_password: "mickPassword" and click ENTER. I seem to be logged in successfully as the console shows that I have 3 Principals: "mick", "user", "admin" and when I attempt to navigate to pages in the private area that do not require EJB access, I continue to see that my Principal is kept successfully through each page. So I do _not_ currently have the Principal=null issue. I do however have a UserPreferenceFilter that I check if the user is in role "user", "admin", or "guest" and all 3 come up as "NO". Also, when I attempt to access a page that goes to my EJB layer, I get a Security violation error that states user must belong to [<ANYONE>] role. But I have added a "run-as = InternalUser" for all my EJB's so far. But that does not seem to work. When I remove the "run-as=InternalUser", I get a Security Violation that states the user must belong to the role I specified. So it seems that my main 2 issues are getting the Roles to stick to the user when they login, and the EJB's to be able to use the user Roles, or the "run-as=InternalUser" ------------------------- Thank You Mick Knutson Sr. Designer - Project Trust aUBS AG, Financial - Zürich Office: +41 (0)1/234.42.75 Internal: 48194 Mobile: 079.726.14.26 -------------------------
YourSOS-Security1.ZIP
Description: YourSOS-Security1.ZIP
Visit our website at http://www.ubswarburg.com This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. This message is provided for informational purposes and should not be construed as a solicitation or offer to buy or sell any securities or related financial instruments.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]