Hello all, In this tutorial we are going to configure JAAS for jboss 7.1 and mysql for Form based authentication to be used in a web application. . We have already covered how toconfigure jaas for tomcat 7 and mysql.The difference between these is due to jBoss 7.1 application server. We need to configure subsystems and modules in case of jBoss 7.1 unlike Tomcat. It is assumed that you have basic knowledge of mysql, application servers, eclipse and creating a dynamic web project.

Configure JAAS for jboss 7.1

Pre-requisites:

  1. jBoss 7.1 application server
  2. Mysql database
  3. eclipse IDE (I’m using Juno in this article)
  4. Mysql connector jar file

Database configuration.

Create a database and create three tables as provided in the diagram.

Tables to be created for JDBCRealm of users

  • users: Stores username and password which need to be authenticated
  • roles :  Stores allowed roles
  • users_roles: Stores the relation between users and their allowed roles.

This table structure is needed to configure JAAS for jboss 7.1 and mysql

Create database :

 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
CREATE DATABASE tutorialsdb;
USE tutorialsdb;
CREATE TABLE users (
username varchar(20) NOT NULL PRIMARY KEY,
password varchar(20) NOT NULL
);
CREATE TABLE roles (
rolename varchar(20) NOT NULL PRIMARY KEY
);
CREATE TABLE users_roles (
username varchar(20) NOT NULL,
rolename varchar(20) NOT NULL,
PRIMARY KEY (username, rolename),
CONSTRAINT users_roles_fk1 FOREIGN KEY (username) REFERENCES users (username),
CONSTRAINT users_roles_fk2 FOREIGN KEY (rolename) REFERENCES roles (rolename)
);

Insert data into database:

 
1
2
3
4
INSERT INTO `tutorialsdb`.`users` (`username`, `password`) VALUES ('prasad', 'kharkar');
INSERT INTO `tutorialsdb`.`roles` (`rolename`) VALUES ('user');
INSERT INTO `tutorialsdb`.`users_roles` (`username`, `rolename`) VALUES ('prasad', 'user');
COMMIT;

Now we are done with your database part. We need to tell jBoss application server that we are going to use this database for JDBCRealm purpose. Normally we would place mysql connector jar into library of web application but for jBoss 7.1 we need to create a module for it and declare it in jBoss configuration file i.e. standalone.xml .

Creating module for mysql :

  • Navigate to <jboss_home>/modules/com  e.g. C:\jboss-as-7.1.1.Final\modules\com
  • Create a folder called mysql in it and under mysql , create another folder named main
  • Under main , copy your mysql connector jar file  and create a file calledmodule.xml

Your structure and the files under main folder should be

Folder structure for module

Now that we have created module.xml file and copied mysql connector jar for jdbc connectivity we need to specify that we are using this mysql connector jar as a resource for this module name.

So in your blank module.xml file, put following code

 
1
2
3
4
5
6
7
8
9
10
11
<module xmlns="urn:jboss:module:1.1" name="com.mysql">
 
    <resources>
        <resource-root path="mysql-connector-java-5.1.21-bin.jar"/>
    </resources>
    <dependencies>
        <module name="javax.api"/>
        <module name="javax.transaction.api"/>
        <module name="javax.servlet.api" optional="true"/>
    </dependencies>
</module>

We are done for module creation. Now we need to configure it in standalone.xml

Configure module in standalone.xml

Navigate to <jboss_home>/standalone/configuration and open standalone.xml .

You will find a datasources tag under which you need to put this

 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
<datasource jta="false" jndi-name="java:/jBossJaasMysql" pool-name="jBossJaasMysql" enabled="true" use-ccm="false">
      <connection-url>jdbc:mysql://localhost:3306/tutorialsDB</connection-url>
      <driver-class>com.mysql.jdbc.Driver</driver-class>
      <driver>mysql</driver>
      <security>
          <user-name>root</user-name>
          <password>root</password>
      </security>
      <validation>
          <validate-on-match>false</validate-on-match>
          <background-validation>false</background-validation>
      </validation>
      <statement>
          <share-prepared-statements>false</share-prepared-statements>
      </statement>
</datasource>
  • jndi name is the identifier we are going to use in our security configuration.
  • jdbc:mysql://localhost:3306/tutorialsDB is our database to which jndi name points.

Add following code to subsystems tag.

 
1
2
3
<subsystem xmlns="urn:jboss:domain:jpa:1.0">
            <jpa default-datasource="java:/jBossJaasMysql"/>
</subsystem>

Configure jdbc driver using previously created module. Add following into drivers tag instandalone.xml

 
1
2
3
<driver name="mysql" module="com.mysql">
    <xa-datasource-class>com.mysql.jdbc.Driver</xa-datasource-class>
</driver>

Now jBoss7.1 know that this database will be used as datasource. Now we need to configure this JAAS for jboss 7.1. So we will define security subsystem for authentication and authorization.

Add following code to  standalone.xml  under security-domains

 
1
2
3
4
5
6
7
8
9
<security-domain name="jBossJaasMysqlRealm">
                    <authentication>
                        <login-module code="Database" flag="required">
                            <module-option name="dsJndiName" value="java:/jBossJaasMysql"/>
                            <module-option name="principalsQuery" value="select password from users where username = ?"/>
                            <module-option name="rolesQuery" value="select roleName,'Roles' from users_roles where username=?"/>
                        </login-module>
                    </authentication>
                </security-domain>
  • dsJndiName defines the name of the datasource used for jdbc realm.
  • principalsQuery defines the query which retrieves all usernames from the database which is configured for jdbc realm. In our case tutorialsdb will be used.
  • rolesQuery defines the roles defined for user which is authenticated.

Configuration is done for jBoss application server.

Application configuration:

First create a new dynamic web project in eclipse. We will name it jBossJaasMysql.After creating it, create files as shown in following folder structure.

Folder Structure of application

  • login.jsp : asks username and password for the user.
  • index.jsp : This is a protected resource. Accessing this directly should ask for username and password using FORM based authentication and authorization service which we have configured.
  • jboss-web.xml : Tells the application which security system should be used.
  • web.xml: Configures application for FORM based authentication.

index.jsp

 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
    pageEncoding="ISO-8859-1"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Insert title here</title>
</head>
<body>
 
    This a constrained resource.
 
</body>
</html>

login.jsp

 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
    pageEncoding="ISO-8859-1"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Insert title here</title>
</head>
<body>
    <form action="j_security_check" method="post">
        username : <input type="text" name="j_username"/><br>
        password : <input type="password" name = "j_password"/><br>
        <input type ="submit" name = "submit" value = "submit">
    </form>
</body>
</html>

error.jsp

 
1
2
3
4
5
6
7
8
<html>
<head>
<title>Error Page For Examples</title>
</head>
<body bgcolor="white">
Invalid username and/or password
</body>
</html>

Add this code to your web.xml

 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
<security-constraint>
        <display-name>Example Security Constraint</display-name>
        <web-resource-collection>
            <web-resource-name>Protected Area</web-resource-name>
            <url-pattern>/protected/*</url-pattern>
            <http-method>DELETE</http-method>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
            <http-method>PUT</http-method>
        </web-resource-collection>
        <auth-constraint>
            <role-name>user</role-name>
        </auth-constraint>
        <user-data-constraint>
            <transport-guarantee>NONE</transport-guarantee>
        </user-data-constraint>
    </security-constraint>
 
    <login-config>
        <auth-method>FORM</auth-method>
        <realm-name>jBossJaasMysqlRealm</realm-name>
        <form-login-config>
            <form-login-page>/login.jsp</form-login-page>
            <form-error-page>/error.jsp</form-error-page>
        </form-login-config>
    </login-config>
    <security-role>
        <description> A user </description>
        <role-name>user</role-name>
    </security-role>
  • code in web-resource-collection tag means that resources with url pattern/protected/*  are constrained such that only DELETE, GET, POST and PUT operations can be performed for the role user
  • login-config configures the FORM authentication.

This is your jboss-web.xml

 
1
2
3
4
<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
    <security-domain>java:/jaas/jBossJaasMysqlRealm</security-domain>
</jboss-web>

We are all done with configuration and setup part.

Hit the url http://localhost:8080/jBossJaasMysql/protected/index.jsp

As this is constrained resource, you will be asked to log in to application by this page.

Login page

Enter wrong username and password e.g. someUser/somePassword and click submit. You will see error.jsp showing message Invalid username and/or password.

Now again visit http://localhost:8080/jBossJaasMysql/protected/index.jsp  and enter username as prasad and password as kharkar.

This time, as we configure JAAS for jboss 7.1 and mysql the user prasad will be checked into database and the roles allotted to him. If he enters correct password, then he is authenticated. If a constrained resource is allowed to access a particular role, then it will be available. As index.jsp can be accessed with role user, prasad can accessindex.jsp now.

Hope this tutorial helps configure JAAS for jboss 7.1 and mysql.

原文地址:http://www.thejavageek.com/2013/09/18/configure-jaas-jboss-7-1-mysql/

configure JAAS for jboss 7.1 and mysql--reference的更多相关文章

  1. How to configure Gzip for JBoss?---refer

    Question: I think to try to speed up my Web App by reducing the size of transferred data. For exampl ...

  2. [MySQL Reference Manual] 24 MySQL sys框架

    24 MySQL sys框架 24 MySQL sys框架 24.1 sys框架的前提条件 24.2 使用sys框架 24.3 sys框架进度报告 24.4 sys框架的对象 24.4.1所有sys下 ...

  3. [MySQL Reference Manual] 23 Performance Schema结构

    23 MySQL Performance Schema 23 MySQL Performance Schema 23.1 性能框架快速启动 23.2 性能框架配置 23.2.1 性能框架编译时配置 2 ...

  4. [MySQL Reference Manual] 20 分区

    20 分区 20 分区 20.1 MySQL的分区概述 20.2 分区类型 20.2.1 RANGE分区 20.2.2 LIST分区 20.2.3 COLUMNS分区 20.2.3.1 RANGE C ...

  5. [MySQL Reference Manual] 18 复制

    18 复制 18 复制 18.1 复制配置 18.1.1 基于Binary Log的数据库复制配置 18.1.2 配置基于Binary log的复制 18.1.2.1 设置复制master的配置 18 ...

  6. [MySQL Reference Manual]15. 其他存储引擎

    15. 其他存储引擎 15. 其他存储引擎 15.1 设置存储引擎 15.2 MyISAM存储引擎 15.2.1 MyISAM启动选项 15.2.2 Key的空间要求 15.2.3 MyISAM表存储 ...

  7. [MySQL Reference Manual]14 InnoDB存储引擎

    14 InnoDB存储引擎 14 InnoDB存储引擎 14.1 InnoDB说明 14.1.1 InnoDB作为默认存储引擎 14.1.1.1 存储引擎的趋势 14.1.1.2 InnoDB变成默认 ...

  8. [MySQL Reference Manual] 10 全球化

    10.全球化 本章主要介绍全球化,包含国际化和本地化,的一些问题: ·         MySQL在语句中支持的字符集 ·         如何为服务配置不同的字符集 ·         选择错误信息 ...

  9. [MySQL Reference Manual] 8 优化

    8.优化 8.优化 8.1 优化概述 8.2 优化SQL语句 8.2.1 优化SELECT语句 8.2.1.1 SELECT语句的速度 8.2.1.2 WHERE子句优化 8.2.1.3 Range优 ...

随机推荐

  1. 利用WebRequest类上传文件

    说明:1.WebRequest类是一个抽象类,所以上传类实际使用的是其子类 2.打开Fiddler软件,监视正常网页的文件上传,可以看到http协议的请求和响应信息,简略说明 (第一行:请求说明 PO ...

  2. javascript为目标位置div等设置高度

    应该是DOM的东西: document.getElementById("目标id").style.height = 多高(数值)+"px";

  3. Django框架学习-Model进阶用法

    Model进阶用法 回顾 访问外键 访问多对多关系 更改数据库结构 当处理数据库结构改变时,需要注意到几点: 增加字段 首先在开发环境中: 再到产品环境中: 删除字段 删除多对多字段 删除model ...

  4. ps批量修改图片

    批量更改图片尺寸的ps脚本 高端干货!PHOTOSHOP实用脚本大合集

  5. SQL Server查看所有表大小,所占空间

    create table #Data(name varchar(100),row varchar(100),reserved varchar(100),data varchar(100),index_ ...

  6. MFC中菜单栏使用

    1.新建项目: 选择MFC应用程序,应用程序类型选择“基于对话框”: 本文中项目名为:MenuTest 2.新建菜单栏资源: 找到资源视图,右键MenuTest.re选择“添加资源”——选择Menu, ...

  7. Finding Nemo(bfs)

    Time Limit: 2000MS   Memory Limit: 30000K Total Submissions: 6988   Accepted: 1600 Description Nemo ...

  8. ZOJ 3469 Food Delivery

    题目大意: 有n个人,住在一条直线上.第i个人的坐标是Xi,街上有个外卖餐馆的位置是X,现在餐厅工作人员要给街上的每个人送饭,送完之后再回到餐厅,送饭人的速度是V,每个人有个不满意值,当这个人送餐时间 ...

  9. DateDiff 函数,用生日获得年龄

    一:截图 二:代码 using System; using System.Collections.Generic; using System.ComponentModel; using System. ...

  10. mysql集群安装(centos)

    mysql cluster : 1. 基于NDB Cluster 的分布式数据库系统 2. mysql集群中各服务器节点不共享数据 3. 在mysql cluster中节点指的是进程,区别于其他的集群 ...