JBoss Security Roles Problem.... everyone is admin!

 
I am having a problem with roles. A user called tomcat is in a role called admin, but should not be. I can log in okay with the tomcat user, but the tomcat user can do everything an admin can do, which is not what I want. I then tried to programmatically see if the tomcat user is an admin and he was.
JBoss security is set up as follows:
<application-policy name = "express">
  <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
                flag = "required">
    <module-option name = "dsJndiName">jdbc/mysql</module-option>
    <module-option name = "principalsQuery">
      select passwrd from app_user where username=?
    </module-option>
    <module-option name = "rolesQuery">
      select role_name, 'Roles' from user_role where username=?
    </module-option>
    <module-option name="hashAlgorithm">SHA</module-option>
    <module-option name="hashEncoding">base64</module-option>
  </login-module>
</application-policy>
When I run the queries in the database workbench they seem to work as they should.
(I tried several combinations of encoding and hash to no avail.)
It should be like this:
user tomcat is in the role "user"
user mraible is in the role "admin"
Here is the role table:
CREATE TABLE USER_ROLE
(
  ID NUMERIC( 18, 0) NOT NULL,
  USER_ID NUMERIC( 18, 0) NOT NULL,
  USERNAME VARCHAR( 255) NOT NULL COLLATE NONE,
  ROLE_NAME VARCHAR( 255) NOT NULL COLLATE NONE,
  PRIMARY KEY (ID)
);
This query
select USER_NAME ROLENAME from USER_ROLE;
outputs this:
USER_NAME ROLENAME
tomcat user
mraible admin
Here is the DDL for the user table:
RECREATE TABLE APP_USER
(
  ID NUMERIC( 18, 0) NOT NULL,
  USERNAME VARCHAR( 40) NOT NULL COLLATE NONE,
  PASSWRD VARCHAR( 150) NOT NULL COLLATE NONE,
  FIRSTNAME VARCHAR( 40) NOT NULL COLLATE NONE,
  LASTNAME VARCHAR( 40) NOT NULL COLLATE NONE,
  EMAIL VARCHAR( 100) COLLATE NONE,
  PHONENUMBER VARCHAR( 15) COLLATE NONE,
  PASSWORDHINT VARCHAR( 40) COLLATE NONE,
  INCREMENTBY FLOAT,
  VER INTEGER,
  PRIMARY KEY (ID)
);
The above has the following data:
ID,USERNAME,FIRSTNAME,EMAIL
1,"tomcat","Tomcat","matt_raible@yah.com"
2,"mraible","Matt","matt@raible.com"
3,"rick","Rick","rick@arc-mind.com"
 
Rick Hightower
Let me answer my own question (with Adrian's help of course)
Thanks Adrian!
(I am starting to become a JBoss fan! Don't tell anyone.)
[ February 24, 2004: Message edited by: Rick Hightower ]
 