JBoss Wildfly 8.0.0-Final
JSF 2.2.4
First I created login using the application-users.properties and application-roles.properties. Added user with add-user.bat
Web.xml
<security-constraint>
<web-resource-collection>
<web-resource-name>Admin Resource</web-resource-name>
<url-pattern>/admin/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.xhtml</form-login-page>
<form-error-page>/error.xhtml</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>admin</role-name>
</security-role>
Standalone.xml
<login-module code="Remoting" flag="optional">
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
<login-module code="RealmDirect" flag="required">
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
login.xhtml
<?xml version="1.0" encoding="UTF-8"?>
<ui:composition xmlns="http://www.w3.org/1999/xhtml"
xmlns:ui="http://xmlns.jcp.org/jsf/facelets"
xmlns:f="http://xmlns.jcp.org/jsf/core"
xmlns:h="http://xmlns.jcp.org/jsf/html"
xmlns:p="http://primefaces.org/ui">
<div class="center">
<form method="POST" action="j_security_check" id="">
<h:panelGrid id="panel" columns="2" border="1" cellpadding="4" cellspacing="4">
<h:outputLabel for="j_username" value="Username:" />
<input type="text" name="j_username" />
<h:outputLabel for="j_password" value="Password:" />
<input type="password" name="j_password" />
<h:panelGroup>
<input type="submit" value="Login" />
</h:panelGroup>
</h:panelGrid>
</form>
</div>
</ui:composition>
So that worked fine.. now I want to use database authentication.. so I change the standalone.xml.
<login-module code="Database" flag="sufficient">
<module-option name="dsJndiName" value="java:jboss/jsi/GarageXADataSource"/>
<module-option name="principalsQuery" value="select encode(password, 'hex') from principal where username=?"/>
<module-option name="rolesQuery" value="select r.role, r.role_group from role r inner join principal p on r.role = p.role where p.username=?"/>
<module-option name="hashAlgorithm" value="SHA-512"/>
<module-option name="hashEncoding" value="hex"/>
</login-module>
I use this sql to insert a role and a user in the database ( PostgreSQL 9.3 )
INSERT INTO role(role, role_group) VALUES ('admin', 'Roles');
INSERT INTO principal(username, email, password, role) VALUES ('Kris', '[email protected]', digest('pass', 'sha512'), 'admin');
But the login does not work. I see no errors in the log. I have used this approach before on AS 7.1.1 where it worked.
Thanks for you help.
Firstly DatabaseServerLoginModule logs to trace level, so you should set org.jboss.security log levels to trace in your standalone.xml as follows. Now you should see the errors in your server.log
<logger category="org.jboss.security">
<level name="TRACE"/>
</logger>
You also need to add a realm-name within your jboss-web.xml
<jboss-web>
<security-domain>java:/jaas/MyRealm</security-domain>
</jboss-web>
You have not supplied the surrounding tags around your login-module configuration snippet. You should have something this below. The realm name needs to match that in your web.xml
<subsystem xmlns="urn:jboss:domain:security:1.0">
<security-domains>
<security-domain name="MyRealm">
<authentication>
<login-module code="Database" flag="required">
....
</authentication>
</security-domain>
</security-domains>
</subsystem>
Once you have done this could you post any errors from your server.log.
The problem is with constant 'Roles', you must specify it exactly like that 'Roles'. Example:
Select role, 'Roles' from Role where roleId =
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With