You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@isis.apache.org by ch...@wipro.com on 2014/06/04 13:24:35 UTC

JDBC Realm - Authentication failed

Hi,

I am trying to use Jdbc Realm for Shiro authentication and authorization in ISIS application.
I have setup shiro.ini file as per given in the Configuration Shiro for JDBC documentation at: http://isis.apache.org/components/security/shiro/configuring-shiro.html

I have tables created as required in shiro.ini. Even though om_users table has got sven as username and pass as password, on login Authentication Exception is thrown: PFA the Authentication.log


BR
Ranganath Varma

The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. 

WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.

www.wipro.com

RE: JDBC Realm - Authentication failed

Posted by ch...@wipro.com.
I defined those queries also in shiro.ini but were under [users] and [roles] section and hence Shiro was using defaults. And it's working when I moved them to under [main] section.

-----Original Message-----
From: Erik de Hair [mailto:erik@pocos.nl] 
Sent: Friday, June 06, 2014 4:07 PM
To: users@isis.apache.org
Subject: Re: JDBC Realm - Authentication failed

Hi,

The default queries for finding roles and permissions can be overwritten by configuration (in Shiro ini config):

jdbcRealm.authenticationQuery = SELECT password from users where username = ? and enabled = 1 jdbcRealm.userRolesQuery = select r.label from users_roles ur inner join roles r on ur.role_id = r.id where user_id = (select id from users where username = ?); jdbcRealm.permissionsQuery=select p.permission from roles_permissions rp inner join permissions p on rp.permission_id = p.id where rp.role_id = (select id from roles where label = ?); jdbcRealm.permissionsLookupEnabled=true

You can change the tables/columns the way you need.

Gr,
Erik


On 06/06/2014 12:11 PM, chittari.varma@wipro.com<ma...@wipro.com> wrote:

This issue is resolved. Problem was I defined the realm and datasource config below the [Users] section. After I move the definition to [main] section this error is gone.



But I am facing another issue that Shiro seems to be using default security tables like users, users_roles etc. It's not allowing to use application specific tables



Any idea how to resolve this issue?



Thanks

Ranganath Varma


From: chittari.varma@wipro.com<ma...@wipro.com> [mailto:chittari.varma@wipro.com]
Sent: Wednesday, June 04, 2014 4:55 PM
To: users@isis.apache.org<ma...@isis.apache.org>
Subject: JDBC Realm - Authentication failed

Hi,

I am trying to use Jdbc Realm for Shiro authentication and authorization in ISIS application.
I have setup shiro.ini file as per given in the Configuration Shiro for JDBC documentation at: http://isis.apache.org/components/security/shiro/configuring-shiro.html

I have tables created as required in shiro.ini. Even though om_users table has got sven as username and pass as password, on login Authentication Exception is thrown: PFA the Authentication.log


BR
Ranganath Varma

The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments.

WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.

www.wipro.com<http://www.wipro.com><http://www.wipro.com><http://www.wipro.com>

The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments.

WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.

www.wipro.com<http://www.wipro.com>




The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. 

WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.

www.wipro.com

Re: JDBC Realm - Authentication failed

Posted by Erik de Hair <er...@pocos.nl>.
Hi,

The default queries for finding roles and permissions can be overwritten by configuration (in Shiro ini config):

jdbcRealm.authenticationQuery = SELECT password from users where username = ? and enabled = 1
jdbcRealm.userRolesQuery = select r.label from users_roles ur inner join roles r on ur.role_id = r.id where user_id = (select id from users where username = ?);
jdbcRealm.permissionsQuery=select p.permission from roles_permissions rp inner join permissions p on rp.permission_id = p.id where rp.role_id = (select id from roles where label = ?);
jdbcRealm.permissionsLookupEnabled=true

You can change the tables/columns the way you need.

Gr,
Erik


On 06/06/2014 12:11 PM, chittari.varma@wipro.com<ma...@wipro.com> wrote:

This issue is resolved. Problem was I defined the realm and datasource config below the [Users] section. After I move the definition to [main] section this error is gone.



But I am facing another issue that Shiro seems to be using default security tables like users, users_roles etc. It's not allowing to use application specific tables



Any idea how to resolve this issue?



Thanks

Ranganath Varma


From: chittari.varma@wipro.com<ma...@wipro.com> [mailto:chittari.varma@wipro.com]
Sent: Wednesday, June 04, 2014 4:55 PM
To: users@isis.apache.org<ma...@isis.apache.org>
Subject: JDBC Realm - Authentication failed

Hi,

I am trying to use Jdbc Realm for Shiro authentication and authorization in ISIS application.
I have setup shiro.ini file as per given in the Configuration Shiro for JDBC documentation at: http://isis.apache.org/components/security/shiro/configuring-shiro.html

I have tables created as required in shiro.ini. Even though om_users table has got sven as username and pass as password, on login Authentication Exception is thrown: PFA the Authentication.log


BR
Ranganath Varma

The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments.

WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.

www.wipro.com<http://www.wipro.com><http://www.wipro.com><http://www.wipro.com>

The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments.

WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.

www.wipro.com<http://www.wipro.com>

RE: JDBC Realm - Authentication failed

Posted by ch...@wipro.com.
This issue is resolved. Problem was I defined the realm and datasource config below the [Users] section. After I move the definition to [main] section this error is gone.



But I am facing another issue that Shiro seems to be using default security tables like users, users_roles etc. It's not allowing to use application specific tables



Any idea how to resolve this issue?



Thanks

Ranganath Varma


From: chittari.varma@wipro.com [mailto:chittari.varma@wipro.com]
Sent: Wednesday, June 04, 2014 4:55 PM
To: users@isis.apache.org
Subject: JDBC Realm - Authentication failed

Hi,

I am trying to use Jdbc Realm for Shiro authentication and authorization in ISIS application.
I have setup shiro.ini file as per given in the Configuration Shiro for JDBC documentation at: http://isis.apache.org/components/security/shiro/configuring-shiro.html

I have tables created as required in shiro.ini. Even though om_users table has got sven as username and pass as password, on login Authentication Exception is thrown: PFA the Authentication.log


BR
Ranganath Varma

The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments.

WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.

www.wipro.com<http://www.wipro.com>

The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. 

WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.

www.wipro.com