Menu
i have a Problem with the Login to my Java Application on JBOSS.
I use the Database Login Module with JBOSS 7.1.1
The test enviroment was on a MySQL Database. Everything worked great and without Problems. The Application deployed correctly and i could login to my application.
Now for production, the DBMS have to be changed to Oracle. Also here everything deployed. I could open the Application with my Browser. But no login is possible. Everytime i tried to login myself, the log says: PB00019: Processing Failed:No matching username found in Principals.
This is my configuration for the login module:
<security-domain name="apdomainhashed" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName" value="java:jboss/datasources/MySqlDS"/>
<module-option name="principalsQuery" value="SELECT PASSWORD FROM TBLUSERS WHERE USERNAME=?"/>
<module-option name="rolesQuery" value="SELECT r.rolename, 'Roles' FROM TBLUSERS u INNER JOIN TBLUSER_GROUPS ug ON u.id = ug.users_id INNER JOIN TBLGROUPS g ON g.id = ug.groups_id INNER JOIN TBLGROUPS_ROLES gr ON gr.groups_id = g.id INNER JOIN TBLROLES r ON r.id = gr.roles_id WHERE u.username=? AND u.active=1"/>
<module-option name="hashAlgorithm" value="SHA-512"/>
<module-option name="hashEncoding" value="BASE64"/>
<module-option name="hashStorePassword" value="false"/>
<module-option name="hashUserPassword" value="true"/>
<module-option name="passwordIsA1Hash" value="true"/>
</login-module>
</authentication>
</security-domain>
If i send the query by hand, i receive the correct value:
SELECT PASSWORD FROM TBLUSERS WHERE USERNAME='admin';
PASSWORD
----------
c0jKLdIKuAJCrwhcmV4dkZftUWIiv1iT51Oupznz730D8+WGVoSh2j/Ou79p1L9H8YyLB1Ssrbbd\nG2D0ZSBmvw==
This is the complete Trace of the failed login:
07:44:31,291 TRACE [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http--0.0.0.0-8080-6) Begin isValid, principal:admin, cache entry: null
07:44:31,292 TRACE [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http--0.0.0.0-8080-6) defaultLogin, principal=admin
07:44:31,292 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] (http--0.0.0.0-8080-6) Begin getAppConfigurationEntry(apdomainhashed), size=4
07:44:31,293 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] (http--0.0.0.0-8080-6) End getAppConfigurationEntry(apdomainhashed), authInfo=AppConfigurationEntry[]:
[0]
LoginModule Class: org.jboss.security.auth.spi.DatabaseServerLoginModule
ControlFlag: LoginModuleControlFlag: required
Options:
name=hashUserPassword, value=true
name=hashAlgorithm, value=SHA-512
name=principalsQuery, value=SELECT PASSWORD FROM TBLUSERS WHERE USERNAME=?
name=passwordIsA1Hash, value=true
name=hashEncoding, value=BASE64
name=dsJndiName, value=java:jboss/datasources/MySqlDS
name=hashStorePassword, value=false
name=rolesQuery, value=SELECT r.rolename, 'Roles' FROM TBLUSERS u INNER JOIN TBLUSER_GROUPS ug ON u.id = ug.users_id INNER JOIN TBLGROUPS g ON g.id = ug.groups_id INNER JOIN TBLGROUPS_ROLES gr ON gr.groups_id = g.id INNER JOIN TBLROLES r ON r.id = gr.roles_id WHERE u.username=? AND u.active=1
07:44:31,296 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http--0.0.0.0-8080-6) initialize
07:44:31,297 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http--0.0.0.0-8080-6) Security domain: apdomainhashed
07:44:31,297 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http--0.0.0.0-8080-6) Password hashing activated: algorithm = SHA-512, encoding = BASE64, charset = {default}, callback = null, storeCallback = null
07:44:31,298 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http--0.0.0.0-8080-6) DatabaseServerLoginModule, dsJndiName=java:jboss/datasources/MySqlDS
07:44:31,299 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http--0.0.0.0-8080-6) principalsQuery=SELECT PASSWORD FROM TBLUSERS WHERE USERNAME=?
07:44:31,299 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http--0.0.0.0-8080-6) rolesQuery=SELECT r.rolename, 'Roles' FROM TBLUSERS u INNER JOIN TBLUSER_GROUPS ug ON u.id = ug.users_id INNER JOIN TBLGROUPS g ON g.id = ug.groups_id INNER JOIN TBLGROUPS_ROLES gr ON gr.groups_id = g.id INNER JOIN TBLROLES r ON r.id = gr.roles_id WHERE u.username=? AND u.active=1
07:44:31,301 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http--0.0.0.0-8080-6) suspendResume=true
07:44:31,302 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http--0.0.0.0-8080-6) login
07:44:31,303 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http--0.0.0.0-8080-6) suspendAnyTransaction
07:44:31,304 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http--0.0.0.0-8080-6) Excuting query: SELECT PASSWORD FROM TBLUSERS WHERE USERNAME=?, with username: admin
07:44:31,305 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http--0.0.0.0-8080-6) Query returned no matches from db
07:44:31,306 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http--0.0.0.0-8080-6) resumeAnyTransaction
07:44:31,306 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http--0.0.0.0-8080-6) abort
07:44:31,307 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http--0.0.0.0-8080-6) Login failure: javax.security.auth.login.FailedLoginException: PB00019: Processing Failed:No matching username found in Principals
Under MySQL the Datatype of the column was VARCHAR. With oracle now it's VARCHAR2.
Does anybody know why i couldn't login with oracle as datasource?
796
You use "java:jboss/datasources/MySqlDS" JNDI name everywhere. Is there the old datasource specified or it is the old name is still there? Other words, is MySqlDS actually specifies connection to Oracle?
102
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
