Hi all,
I try to do authentication in
JBoss with an Oracle DB.
The web form displays and can be filled in, but he always denies the access and goes back to the login.jsp page, although the correct username/password are in the DB.
I think it has something to do with the OracleDS. I think JBoss cannot find the datasource, althoug the declaration file is in the deploy dir.
Does anyone know what to do or what I have done wrong?
Thanks a lot,
Jeroen
***************** FILE oracle-ds.xml in <jboss>/server/default/deploy *****
<?xml version="1.0" encoding="UTF-8"?>
<!-- JBoss Server Configuration for oracle -->
<datasources>
<local-tx-datasource>
<jndi-name>OracleDS</jndi-name>
<connection-url>
jdbc
racle:oci8:@myserver</connection-url>
<driver-class>oracle.jdbc.driver.OracleDriver</driver-class>
<user-name>myUsername</user-name>
<password>myPassw</password>
<!-- Checks the Oracle error codes and messages for fatal errors -->
<exception-sorter-class-name>org.jboss.resource.adapter.jdbc.vendor.OracleExceptionSorter</exception-sorter-class-name>
<min-pool-size>5</min-pool-size>
<max-pool-size>20</max-pool-size>
</local-tx-datasource>
</datasources>
********************** login-config.xml in <jboss>/server/default/conf **********
<application-policy name="MyWebRealm">
<authentication>
<login-module code="org.jboss.security.auth.spi.DataBaseServerLoginModule" flag="required">
<module-option name="dsJndiName">
java:/OracleDS</module-option>
<module-option name="principalsQuery">SELECT password FROM users WHERE loginname=?</module-option>
<module-option name="rolesQuery">SELECT role, 'Roles' FROM userroles WHERE loginname=?</module-option>
</login-module>
</authentication>
</application-policy>
*************** in my Web application: web.xml **************
<!--security-constraint>
<display-name>Security My Web Application</display-name>
<web-resource-collection>
<web-resource-name>LocalysWeb Security</web-resource-name>
<description>Restrict all access to this application</description>
<url-pattern>*.jsp</url-pattern>
<url-pattern>*.do</url-pattern>
</web-resource-collection>
<auth-constraint>
<description>Only authorise users with the following roles defined.</description>
<role-name>administrator</role-name>
</auth-constraint>
<user-data-constraint>
<description>Protection should be CONFIDENTIAL if SSL is installed (or NONE)</description>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>MyWebRealm</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/login.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>administrator</role-name>
</security-role>