I've set up a JDBC realm in JBoss to handle user authentication/authorisation in a web app. I'm not receiving any error messages but authorisation fails with both of the test users and I'm struggling to understand why.
The project has been the result of pulling together forum posts on JDBC Security Realms on both JBoss and Tomcat so its entirely possible I've missed something but I can't see the wood for the trees anymore.
Relevant sections from Standalone.xml (JBoss management console shows DB connection & pool is OK so I know the driver is installed correctly):
<datasource jndi-name="java:jboss/datasources/MySqlDS" pool-name="MySqlDS">
<connection-url>jdbc:mysql://localhost:3306/securitytest</connection-url>
<driver-class>com.mysql.jdbc.Driver</driver-class>
<driver>com.mysql</driver>
<transaction-isolation>TRANSACTION_READ_COMMITTED</transaction-isolation>
<pool>
<min-pool-size>10</min-pool-size>
<max-pool-size>100</max-pool-size>
<prefill>true</prefill>
</pool>
<security>
<user-name>jboss_as</user-name>
<password>test</password>
</security>
<statement>
<prepared-statement-cache-size>32</prepared-statement-cache-size>
<share-prepared-statements>true</share-prepared-statements>
</statement>
</datasource>
<drivers>
<driver name="h2" module="com.h2database.h2">
<xa-datasource-class>org.h2.jdbcx.JdbcDataSource</xa-datasource-class>
</driver>
<driver name="com.mysql" module="com.mysql">
<xa-datasource-class>com.mysql.jdbc.jdbc2.optional.MysqlXADataSource</xa-datasource-class>
</driver>
</drivers>
....
<security-domain name="JDBCRealm" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName" value="java:jboss/datasources/MysqlDS"/>
<module-option name="principalsQuery" value="select user_password from USERS where user_name=?"/>
<module-option name="rolesQuery" value="select role_name, 'Roles' from ROLES where user_name=?"/>
</login-module>
</authentication>
</security-domain>
MySQL test database (securitytest) contains two tables (users - three columns ID, user_name, password and roles - three columns: ID, user_name, role_name, group_name) and I have populated these with "user" and "admin" both with "password" as the password. Role_name and group_name are set to the name of the respective users. Entries are cleartext (currently)
web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
id="WebApp_ID" version="2.5">
<!-- Roles -->
<security-role>
<description>Administrators</description>
<role-name>admin</role-name>
</security-role>
<security-role>
<description>Management</description>
<role-name>mgmt</role-name>
</security-role>
<!-- Resource/role mapping -->
<security-constraint>
<display-name>Admin Pages</display-name>
<web-resource-collection>
<web-resource-name>Protected Admin Area</web-resource-name>
<description />
<url-pattern>/admin/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>HEAD</http-method>
<http-method>PUT</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint>
<description>For administrators only</description>
<role-name>admin</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-constraint>
<display-name>All Access</display-name>
<web-resource-collection>
<web-resource-name>Unprotected User Area</web-resource-name>
<description>Open access for all users</description>
<url-pattern>/users/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>HEAD</http-method>
<http-method>PUT</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<!-- Login prompt -->
<login-config>
<auth-method>FORM</auth-method>
<realm-name>JDBCRealm</realm-name>
<form-login-config>
<form-login-page>/login.xhtml</form-login-page>
<form-error-page>/loginerror.xhtml</form-error-page>
</form-login-config>
</login-config>
</web-app>
jboss.xml (in WEB-INF directory):
<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
<security-domain>java:/jaas/JDBCRealm</security-domain>
</jboss-web>
Finally, login.xhtml:
<?xml version='1.0' encoding='UTF-8' ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:p="http://primefaces.prime.com.tr/ui"
xmlns:h="http://java.sun.com/jsf/html">
<h:head>
<title>Login Form</title>
</h:head>
<h:body>
<p:panel header="Login From">
<form method="post" action="j_security_check">
Username: <input type="text" name="j_username" />
Password: <input type="password" name="j_password" />
<br />
<input type="submit" value="Login" />
<input type="reset" value="Reset" />
</form>
</p:panel>
</h:body>
</html>
If anyone has any ideas I'd be really grateful as I'm tearing my hair out. I'm sure I've done something stupid, I just can't see it.
Cheers!
This might be help you for configuring it in the right way.
http://middlewaremagic.com/jboss/?p=2187
Related
I am trying to complete the web tutorial 'Creating a simple web application using a MySQL database'. The NetBeans project name is 'IFPWAFCAD' and I am using GlassFish 5 and Java EE 5.
The database and its tables are listed correctly under Project Services, and the database shows as connected.
I am unable to deploy the application after attempting to create a connection pool. The xml files are as follows:
web.xml:
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<session-config>
<session-timeout>
30
</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<resource-ref>
<description>Database for IFPWAFCAD application
</description>
<res-ref-name>jdbc/IFPWAFCAD</res-ref-name>
<res-type>javax.sql.ConnectionPoolDataSource</res-type>
<res-auth>Container</res-auth>
<res-sharing-scope>Shareable</res-sharing-scope>
</resource-ref>
</web-app>
glassfish-web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glassfish-web-app PUBLIC "-//GlassFish.org//DTD GlassFish Application Server 3.1 Servlet 3.0//EN" "http://glassfish.org/dtds/glassfish-web-app_3_0-1.dtd">
<glassfish-web-app error-url="">
<class-loader delegate="true"/>
<jsp-config>
<property name="keepgenerated" value="true">
<description>Keep a copy of the generated servlet class' java code.</description>
</property>
</jsp-config>
</glassfish-web-app>
glassfish-resources.xml:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE resources PUBLIC "-//GlassFish.org//DTD GlassFish Application Server 3.1 Resource Definitions//EN" "http://glassfish.org/dtds/glassfish-resources_1_5.dtd">
<resources>
<jdbc-resource enabled="true" jndi-name="jdbc/IFPWAFCAD" object-type="user" pool-name="IfpwafcadPool">
<description>Accesses IFPWAFCAD database</description>
</jdbc-resource>
<jdbc-connection-pool allow-non-component-callers="false" associate-with-thread="false" connection-creation-retry-attempts="0" connection-creation-retry-interval-in-seconds="10" connection-leak-reclaim="false" connection-leak-timeout-in-seconds="0" connection-validation-method="table" datasource-classname="com.mysql.jdbc.jdbc2.optional.MysqlDataSource" fail-all-connections="false" idle-timeout-in-seconds="300" is-connection-validation-required="false" is-isolation-level-guaranteed="true" lazy-connection-association="false" lazy-connection-enlistment="false" match-connections="false" max-connection-usage-count="0" max-pool-size="32" max-wait-time-in-millis="60000" name="IfpwafcadPool" non-transactional-connections="false" ping="false" pool-resize-quantity="2" pooling="true" res-type="javax.sql.ConnectionPoolDataSource" statement-cache-size="0" statement-leak-reclaim="false" statement-leak-timeout-in-seconds="0" statement-timeout-in-seconds="-1" steady-pool-size="8" validate-atmost-once-period-in-seconds="0" wrap-jdbc-objects="true">
<property name="URL" value="jdbc:mysql://localhost:3306/mynewdatabase?zeroDateTimeBehavior=convertToNull"/>
<property name="User" value="root"/>
<property name="Password" value="23447HP"/>
</jdbc-connection-pool>
</resources>
i want to build a new module for Magento 1.9.4 that will be shown in the Admin area (catalog).
I programmed the following code, but i dont know how to show this module in the backend (including form tags). I just get a 404 error.
Here is my code with which i started my first module:
config.xml
<?xml version="1.0"?>
<config>
<modules>
<Eron_ChangePricesPerCategory>
<version>0.1.0</version>
</Eron_ChangePricesPerCategory>
</modules>
<frontend>
<routers>
<changepricespercategory>
<use>standard</use>
<args>
<module>Eron_ChangePricesPerCategory</module>
<frontName>changepricespercategory</frontName>
</args>
</changepricespercategory>
</routers>
</frontend>
<admin>
<routers>
<changepricespercategory>
<use>admin</use>
<args>
<module>Eron_ChangePricesPerCategory</module>
<frontName>admin_changepricespercategory</frontName>
</args>
</changepricespercategory>
</routers>
</admin>
<global>
<helpers>
<changepricespercategory>
<class>Eron_ChangePricesPerCategory_Helper</class>
</changepricespercategory>
</helpers>
</global>
<adminhtml>
<layout>
<updates>
<eron_changepricespercategory>
<file>eron_changepricespercategory.xml</file>
</eron_changepricespercategory>
</updates>
</layout>
</adminhtml>
</config>
adminhtml.xml
<?xml version="1.0"?>
<config>
<acl>
<resources>
<admin>
<children>
<system>
<children>
<config>
<children>
<changepricespercategory_settings translate="title">
<title>Extra Fee Settings</title>
<sort_order>55</sort_order>
</changepricespercategory_settings>
</children>
</config>
</children>
</system>
</children>
</admin>
</resources>
</acl>
</config>
system.xml
<?xml version="1.0"?>
<config>
<sections>
<changepricespercategory translate="label" module="changepricespercategory">
<label>Artikelpreise pro Kategorie ändern</label>
<tab>catalog</tab>
<frontend_type>text</frontend_type>
<sort_order>999</sort_order>
<show_in_default>1</show_in_default>
<show_in_website>1</show_in_website>
<show_in_store>1</show_in_store>
<fields>
<active translate="label">
<label>Aktiviert</label>
<frontend_type>select</frontend_type>
<source_model>adminhtml/system_config_source_yesno</source_model>
<sort_order>10</sort_order>
<show_in_default>1</show_in_default>
<show_in_website>1</show_in_website>
<show_in_store>1</show_in_store>
</active>
<title translate="label">
<label>Title</label>
<frontend_type>text</frontend_type>
<sort_order>20</sort_order>
<show_in_default>1</show_in_default>
<show_in_website>1</show_in_website>
<show_in_store>1</show_in_store>
</title>
<name translate="label">
<label>Name</label>
<frontend_type>text</frontend_type>
<sort_order>30</sort_order>
<show_in_default>1</show_in_default>
<show_in_website>1</show_in_website>
<show_in_store>1</show_in_store>
</name>
<showmethod translate="label">
<label>Versandart zeigen, auch wenn nicht möglich</label>
<frontend_type>select</frontend_type>
<sort_order>50</sort_order>
<source_model>adminhtml/system_config_source_yesno</source_model>
<show_in_default>1</show_in_default>
<show_in_website>1</show_in_website>
<show_in_store>1</show_in_store>
</showmethod>
<specificerrmsg translate="label">
<label>Angezeigte Fehlermeldung</label>
<frontend_type>textarea</frontend_type>
<sort_order>60</sort_order>
<show_in_default>1</show_in_default>
<show_in_website>1</show_in_website>
<show_in_store>1</show_in_store>
</specificerrmsg>
<sort_order translate="label">
<label>Reihenfolge</label>
<frontend_type>text</frontend_type>
<sort_order>70</sort_order>
<show_in_default>1</show_in_default>
<show_in_website>1</show_in_website>
<show_in_store>1</show_in_store>
</sort_order>
</fields>
</changepricespercategory>
</sections>
</config>
IndexController.php (in controllers/Adminhtml)
<?php
class Eron_ChangePricesPerCategory_Adminhtml_IndexController extends Mage_Adminhtml_Controller_Action {
/**
* Admin controller index action
*
* #access public
* #return void
*/
public function indexAction() {
$Block = $this->getLayout()->createBlock('changepricespercategory/Adminhtml_changepricespercategory');
$this->loadLayout()
->_addContent($Block)
->renderLayout();
}
}
The Module is shown in the backend... But i when i click on it, I get a 404. Can anybody help me? Maybe there is a good documentation - im new to magento module developement.
More Information: I want to build a module for changing all prices of a category by a percentage (e.g 2% increase).
You can get started from this toturial:
https://bsscommerce.com/confluence/3-simple-steps-to-create-admin-grid-in-magento-1/
If you want to try more features check this one:
https://www.codealist.com/magento-1-9-x-create-an-adminhtml-controller/
com/mysql/main/module.xml and I put mysql-connector-jar here:
<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.3" name="com.mysql">
<resources>
<resource-root path="mysql-connector-java-5.1.33-bin.jar"/>
</resources>
<dependencies>
<module name="javax.api"/>
</dependencies>
</module>
datasource and driver in standalone.xml
<subsystem xmlns="urn:jboss:domain:datasources:2.0">
<datasources>
<datasource jndi-name="java:jboss/datasources/ExampleDS" pool-name="ExampleDS" enabled="true" use-java-context="true">
<connection-url>jdbc:h2:mem:test;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE</connection-url>
<driver>h2</driver>
<security>
<user-name>sa</user-name>
<password>sa</password>
</security>
</datasource>
<datasource jndi-name="java:/MySQLDS" pool-name="MySQLDS" enabled="true" use-java-context="true">
<connection-url>jdbc:mysql://localhost:3306/db3</connection-url>
<driver>MySQLDriver</driver>
<security>
<user-name></user-name>
<password></password>
</security>
</datasource>
<drivers>
<driver name="h2" module="com.h2database.h2">
<xa-datasource-class>org.h2.jdbcx.JdbcDataSource</xa-datasource-class>
</driver>
<driver name="MySQLDriver" module="com.mysql">
<driver-class>com.mysql.jdbc.Driver</driver-class>
</driver>
</drivers>
</datasources>
</subsystem>
persistence.xml
<?xml version="1.0" encoding="UTF-8"?>
<persistence xmlns="http://java.sun.com/xml/ns/persistence"
version="1.0">
<!-- MySQL Datasource -->
<persistence-unit name="JPADB">
<jta-data-source>java:/MySQLDS</jta-data-source>
<properties>
<property name="showSql" value="true" />
<property name="hibernate.dialect" value="org.hibernate.dialect.MySQLDialect" />
</properties>
</persistence-unit>
</persistence>
And I am getting
IJ000604: Throwable while attempting to get a new connection: null: javax.resource.ResourceException: Could not create connection
error when I run the WildFly 8.
I am developing a simple struts2 login page using spring security.The problem is that whenever I login, it always show my custom access denied page no matter the user is valid or not. I don't understand the error, as no error is showing except a warning:
org.apache.struts2.components.ServletUrlRenderer.warn No configuration found for the specified action: 'j_spring_security_check' in namespace: '/'. Form action defaulting to 'action' attribute's literal value.
my web.xml
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext-security.xml
</param-value>
</context-param>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>struts2</filter-name>
<filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>struts2</filter-name>
<url-pattern>*.action</url-pattern>
</filter-mapping>
<welcome-file-list>
<welcome-file>/jsp/index.jsp</welcome-file>
</welcome-file-list>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
my applicationContext-security.xml
<http auto-config="true">
<intercept-url pattern="/direct.action" access="permitAll()" />
<intercept-url pattern="/admin.action" access="hasRole('ROLE_Admin')" />
<access-denied-handler error-page="/jsp/deniedAccess.jsp" />
<form-login login-page="/jsp/login.jsp" default-target-url="/admin.action"
authentication-failure-url="/validateUser.action?error"
username-parameter="username" password-parameter="password" />
<logout logout-success-url="/logout.action?logout" />
</http>
<authentication-manager>
<authentication-provider>
<user-service>
<user name="user" password="user" authorities="ROLE_User" />
<user name="admin" password="admin" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
</authentication-manager>
struts.xml
<struts>
<package name="default" extends="struts-default" namespace="/">
<action name="direct" class="action.LogAction" method="reDirect">
<result name="success">/jsp/login.jsp</result>
</action>
<action name="admin" class="action.LogAction" method="directAdmin">
<result name="success">/admin/adminHome.jsp</result>
</action>
<action name="validateUser" class="action.LogAction" method="errorDirect">
<result name="success">/jsp/login.jsp</result>
</action>
<action name="logout" class="action.LogAction" method="directLogout">
<result name="success">/jsp/login.jsp</result>
</action>
</package>
index.jsp
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Redirecting...</title>
</head>
<body>
Redirecting...
<META HTTP-EQUIV="Refresh" CONTENT="0;URL=direct.action">
</body>
I don't know what is the error.Any help will be appreciated
login.jsp
<s:form action="j_spring_security_check" namespace="/" method="post">
<s:textfield name="username" label="Username"/>
<s:password name="password" label="Password"/>
<s:submit align="center" value="Login"/>
</s:form>
Your login.jsp form tag points at j_spring_security_check, which isn't an action name in your struts.xml. Change that to whatever action name which will handle the login post.
If you have written a method in action.LogAction (or implemented execute()) to actually handle your login, you need to provide both a success and a failure result in the struts.xml The success result should take the user to wherever they should be after successful login, the failure result takes them back to the login jsp. See the struts docs here for more info.
I re-targeted my project from wp8 to wp8.1. At first my package.appxmanifest file's build action was not set to Appxmanifest. Also it is only showing 4 tabs
-Application
-capabilities
-Declarations
-Packaging
Tabs that are missing are
-Visual Assets
-content URI's
-Declarations
What should i do.
<?xml version="1.0" encoding="utf-8"?>
<Package xmlns="http://schemas.microsoft.com/appx/2010/manifest" xmlns:m2="http://schemas.microsoft.com/appx/2013/manifest" xmlns:m3="http://schemas.microsoft.com/appx/2014/manifest" xmlns:mp="http://schemas.microsoft.com/appx/2014/phone/manifest">
<Identity Name="37576f76-9ac9-4f78-b2d9-cb51446fb500" Publisher="CN=R" Version="1.0.0.0" />
<mp:PhoneIdentity PhoneProductId="e4312153-3f4c-49dd-904d-5fbe8f1d6000" PhonePublisherId="3f72d71c-dd80-408e-affb-aa06372f300a" />
<Properties>
<DisplayName>app</DisplayName>
<PublisherDisplayName>app</PublisherDisplayName>
<Logo>Assets\StoreLogo.png</Logo>
</Properties>
<Prerequisites>
<OSMinVersion>6.3.1</OSMinVersion>
<OSMaxVersionTested>6.3.1</OSMaxVersionTested>
</Prerequisites>
<Resources>
<Resource Language="x-generate" />
</Resources>
<Applications>
<Application Id="xe4312153y3f4cy49ddy904dy5fbe8f1d6073x" Executable="AGHost.exe" EntryPoint="MainPage.xaml">
<m3:VisualElements DisplayName="app" Square150x150Logo="Assets\SquareTile150x150.png" Square44x44Logo="Assets\Logo.png" Description="app" ForegroundText="light" BackgroundColor="#464646" ToastCapable="true">
<m3:DefaultTile Square71x71Logo="Assets\SquareTile71x71.png">
</m3:DefaultTile>
<m3:SplashScreen Image="SplashScreenImage.jpg" />
<m3:ApplicationView MinWidth="width320" />
<!--Used in XAML Designer. DO NOT REMOVE-->
</m3:VisualElements>
</Application>
</Applications>
<Extensions>
<Extension Category="windows.activatableClass.inProcessServer">
<InProcessServer>
<Path>AgHostSvcs.dll</Path>
<ActivatableClass ActivatableClassId="AgHost.BackgroundTask" ThreadingModel="both" />
</InProcessServer>
</Extension>
</Extensions>
<Capabilities>
<Capability Name="internetClientServer" />
<DeviceCapability Name="location" />
</Capabilities>
</Package>
Silverlight-based apps don't have those extra tabs; they are only applicable to non-Silverlight (WinRT) apps. You set things like your Tile icons via the WMAppManifest.xml file.