AS7 : Security Domain Model - need help!
chris81t Dec 14, 2011 10:09 AMHello,
I'm writing a web application ( using JBoss AS7.0.2 ) which requires a login. A few month's ago I have written a custom loginModule / Realm for the glassfish server ( custom while using db-tables that knows the login-informations. I know that DatabaseModules exist, but the given/required table structure of that existing db-module doesn't match with my db-model )
I have found following article: http://community.jboss.org/wiki/JBossAS7SecurityDomainModel
There I found the hint to the article: http://community.jboss.org/wiki/JBossAS7SecurityCustomLoginModules
First question: Is a custom login module only possible with the coming AS 7.1 release? Or can I use it with my AS 7.0.2 app-server?
So my first step is to write a simple prototype- example web application, which uses the UsersRoles Security Domain.
First I have added to the standalone.xml following part (<security-domain name="form-auth" cache-type="default">...</security-domain>):
<security-domains> <security-domain name="other" cache-type="default"> <authentication> <login-module code="Disabled" flag="required"/> </authentication> </security-domain> <security-domain name="form-auth" cache-type="default"> <authentication> <login-module code="UsersRoles" flag="required"> <module-option name="usersProperties" value="users.properties"/> <module-option name="rolesProperties" value="roles.properties"/> </login-module> </authentication> </security-domain> </security-domains>
Now my web- example project (JSF2.0 using CDI) (is attached as an eclipse project to this post):
- the project contains the properties files
I have got as the welcome page a start.xhtml. While defined the security-constraint in the web.xml the login.xhtml page (two input fields for user/password and one commandButton for the login) should be called, if an access to the start.xhtml will occur.
Here some code-snippets:
The managed bean, which executes the login while pressing the commandButton:
@Named @RequestScoped public class LoginBean implements Serializable { private static final long serialVersionUID = -6308095244497641582L; private String user; private String password; public String getUser() { return user; } public void setUser(String user) { this.user = user; } public String getPassword() { return password; } public void setPassword(String password) { this.password = password; } public String login() { FacesContext fc = FacesContext.getCurrentInstance(); ExternalContext ec = fc.getExternalContext(); HttpServletRequest hsr = (HttpServletRequest) ec.getRequest(); try { hsr.login(user, password); } catch (ServletException se) { // create a message to inform the user FacesMessage msg = new FacesMessage(FacesMessage.SEVERITY_WARN, "Ein falscher Profilname und " + "oder ein falsches Passwort " + "wurde eingegeben!", null); fc.addMessage(null, msg); return null; } // for the first test simply navigate to the one existing page return "/start"; } }
web.xml
<?xml version="1.0" encoding="UTF-8"?> <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0"> <display-name>LoginExample</display-name> <!-- Change to "Production" when you are ready to deploy --> <context-param> <param-name>javax.faces.PROJECT_STAGE</param-name> <param-value>Development</param-value> </context-param> <!-- Welcome page --> <welcome-file-list> <welcome-file>/start.xhtml</welcome-file> </welcome-file-list> <servlet> <servlet-name>Faces Servlet</servlet-name> <servlet-class>javax.faces.webapp.FacesServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>Faces Servlet</servlet-name> <url-pattern>*.xhtml</url-pattern> </servlet-mapping> <!-- Define a Security Constraint on this Application --> <security-constraint> <web-resource-collection> <web-resource-name>SALES Application</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>user</role-name> </auth-constraint> </security-constraint> <!-- Define the Login Configuration for this Application --> <login-config> <auth-method>FORM</auth-method> <realm-name>Login Example Application</realm-name> <form-login-config> <form-login-page>/login.xhtml</form-login-page> <form-error-page>/failure.xhtml</form-error-page> </form-login-config> </login-config> <!-- Security roles referenced by this web application --> <security-role> <description> The role that is required to log in to the Example Application </description> <role-name>user</role-name> </security-role> </web-app>
jboss-web.xml
<?xml version="1.0" encoding="UTF-8"?> <jboss-web> <security-domain>form-auth</security-domain> <disable-audit>true</disable-audit> <context-root>/login</context-root> </jboss-web>
during the deployment the jboss fails with following error:
15:56:16,109 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-10) MSC00001: Failed to start service jboss.deployment.unit."SecurityDomainLoginExample.war".PARSE: org.jboss.msc.service.StartException in service jboss.deployment.unit."SecurityDomainLoginExample.war".PARSE: Failed to process phase PARSE of deployment "SecurityDomainLoginExample.war"
at org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:121) [jboss-as-server-7.0.2.Final.jar:7.0.2.Final]
at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1824) [jboss-msc-1.0.1.GA.jar:1.0.1.GA]
at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1759) [jboss-msc-1.0.1.GA.jar:1.0.1.GA]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110) [:1.7.0_b147-icedtea]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603) [:1.7.0_b147-icedtea]
at java.lang.Thread.run(Thread.java:722) [:1.7.0_b147-icedtea]
Caused by: org.jboss.as.server.deployment.DeploymentUnitProcessingException: Failed to parse "/content/SecurityDomainLoginExample.war/WEB-INF/jboss-web.xml" at [4,2]
at org.jboss.as.web.deployment.JBossWebParsingDeploymentProcessor.deploy(JBossWebParsingDeploymentProcessor.java:68)
at org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:115) [jboss-as-server-7.0.2.Final.jar:7.0.2.Final]
... 5 more
15:56:16,111 INFO [org.jboss.as.controller] (DeploymentScanner-threads - 2) Service status report
Services which failed to start:
service jboss.deployment.unit."SecurityDomainLoginExample.war".PARSE: org.jboss.msc.service.StartException in service jboss.deployment.unit."SecurityDomainLoginExample.war".PARSE: Failed to process phase PARSE of deployment "SecurityDomainLoginExample.war"
Can anybody help me? Thank's!
Regards,
Christian
-
SecurityDomainLoginExample.zip 13.0 KB