how to use database login in Jboss3.0

Discussions

EJB programming & troubleshooting: how to use database login in Jboss3.0

  1. how to use database login in Jboss3.0 (2 messages)

    Hi,
    i am having problem using security in jboss... or put it this way that i don't know how to use it... one of my problem is this

    I want to user Database login module in my project.
    But i am stuck up with (probably a very silly) a problem... Please help me with it

    This is what i have added in the default/conf/login-config.xml

    <application-policy name = "mysecured">
            <authentication>
             <login-module flag = "required" code="org.jboss.security.auth.spi.DatabaseServerLoginModule">
    <module-option name="dsJndiName">java:/OracleDS</module-option>
    <module-option name="principalsQuery">
    SELECT * FROM users WHERE user_id = ? </module-option>
    <module-option name="rolesQuery">
    SELECT * FROM roles WHERE user_id = ? </module-option>
    </login-module>
           </authentication>
        </application-policy>


    This is a part of the web.xml file in /WEB-INF
    <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>MyRealmDatabase</realm-name>
    </login-config>

    I have this in /META-INF/jboss.xml and /WEB-INF/jboss-web.xml
    <security-domain>java:/jaas/mysecured</security-domain>

    I have the corresponding tables with the right column names and stuff in my Oracle Database. Now i get the window to enter username and password, if the combo is wrong i'm asked to login again.... but if it is right then i am redirected to an error page which says
    "HTTP Status 403 - Access to the specified resource (Access to the requested resource has been denied) has been forbidden"

    However this doesn't happen when i use Users Roles Login Module.... if the username/password matches i'm redirected to my index.html. But i don't want to use this because of various reasons.

    Could anyone please help me with the problem as soon as possible.
  2. Hi,
    i am having problem using security in jboss... or put it this way that i don't know how to use it... one of my problem is this

    I want to user Database login module in my project.
    But i am stuck up with (probably a very silly) a problem... Please help me with it

    This is what i have added in the default/conf/login-config.xml

    <application-policy name = "mysecured">
            <authentication>
             <login-module flag = "required" code="org.jboss.security.auth.spi.DatabaseServerLoginModule">
    <module-option name="dsJndiName">java:/OracleDS</module-option>
    <module-option name="principalsQuery">
    SELECT * FROM users WHERE user_id = ? </module-option>
    <module-option name="rolesQuery">
    SELECT * FROM roles WHERE user_id = ? </module-option>
    </login-module>
           </authentication>
        </application-policy>


    This is a part of the web.xml file in /WEB-INF
    <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>MyRealmDatabase</realm-name>
    </login-config>

    I have this in /META-INF/jboss.xml and /WEB-INF/jboss-web.xml
    <security-domain>java:/jaas/mysecured</security-domain>

    I have the corresponding tables with the right column names and stuff in my Oracle Database. Now i get the window to enter username and password, if the combo is wrong i'm asked to login again.... but if it is right then i am redirected to an error page which says
    "HTTP Status 403 - Access to the specified resource (Access to the requested resource has been denied) has been forbidden"

    However this doesn't happen when i use Users Roles Login Module.... if the username/password matches i'm redirected to my index.html. But i don't want to use this because of various reasons.

    Could anyone please help me with the problem as soon as possible.
  3. hi,
    i have got the answer to this
    the query was wrong (principalquery and stuff)
    it is supposed to be
         select password from users where user_id=?
         and not select *
    same goes for the other query
    could anyone answer the other query on Form based login anyways please
    thanks a lot