You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@roller.apache.org by "Glen Mazza (JIRA)" <ji...@apache.org> on 2013/01/01 04:34:13 UTC
[jira] [Resolved] (ROL-746) Unable to uses JAAS
DatabaseServerLoginModule for authentication
[ https://issues.apache.org/jira/browse/ROL-746?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Glen Mazza resolved ROL-746.
----------------------------
Resolution: Won't Fix
This issue refers to an obsolete version of Roller (1.1.2). Sorry we could not get to it in time for you.
> Unable to uses JAAS DatabaseServerLoginModule for authentication
> ----------------------------------------------------------------
>
> Key: ROL-746
> URL: https://issues.apache.org/jira/browse/ROL-746
> Project: Roller
> Issue Type: Improvement
> Components: Database Access & Data Model, User Management
> Affects Versions: 1.1.2
> Environment: JBoss 4.0.2/Tomcat 5.5
> Reporter: TJ
> Assignee: Roller Unassigned
>
> When installed on JBoss 4.0.2 roller cannot use the org.jboss.security.auth.spi.DatabaseServerLoginModule because it expects TWO table columns to be returned by the userrole table query.
> Log-ins fail and an exception is thrown:
> 2005-06-17 21:49:30,297 DEBUG [org.jboss.security.plugins.JaasSecurityManagerService] Created securityMgr=org.jboss.security.plugins.JaasSecurityManager@7227a8
> 2005-06-17 21:49:30,313 DEBUG [org.jboss.security.plugins.JaasSecurityManager.RollerRealm] CachePolicy set to: org.jboss.util.TimedCachePolicy@899e6a
> 2005-06-17 21:49:30,313 DEBUG [org.jboss.security.plugins.JaasSecurityManagerService] setCachePolicy, c=org.jboss.util.TimedCachePolicy@899e6a
> 2005-06-17 21:49:30,313 DEBUG [org.jboss.security.plugins.JaasSecurityManagerService] Added RollerRealm, org.jboss.security.plugins.SecurityDomainContext@ff665a to map
> 2005-06-17 21:49:30,422 ERROR [org.jboss.security.auth.spi.DatabaseServerLoginModule] SQL failure
> java.sql.SQLException: Column Index out of range, 2 > 1.
> at com.mysql.jdbc.ResultSet.checkColumnBounds(ResultSet.java:4160)
> at com.mysql.jdbc.ResultSet.getNativeString(ResultSet.java:6469)
> at com.mysql.jdbc.ResultSet.getStringInternal(ResultSet.java:2307)
> at com.mysql.jdbc.ResultSet.getString(ResultSet.java:2203)
> at org.jboss.resource.adapter.jdbc.WrappedResultSet.getString(WrappedResultSet.java:400)
> at org.jboss.security.auth.spi.Util.getRoleSets(Util.java:142)
> at org.jboss.security.auth.spi.DatabaseServerLoginModule.getRoleSets(DatabaseServerLoginModule.java:166)
> The JBoss Security guide section 8.4.6.4 explains all
> http://docs.jboss.org/jbossas/admindevel326/html/ch8.chapter.html#ch8.dabaseserverloginmodule.sect
> The default select statements for DatabaseServerLoginModule are given in the head of the source code file. You can find a copy here
> http://www.cenqua.com/clover/eg/jboss/report/org/jboss/security/auth/spi/DatabaseServerLoginModule.html
> It reads:
> private String dsJndiName;
> private String principalsQuery = "select Password from Principals where PrincipalID=?";
> private String rolesQuery = "select Role, RoleGroup from Roles where PrincipalID=?";
> In roller the userrole table has only the 'Role' column. 'RoleGroup' doesn't exist.
> So the select statement defined in the application policy defined in jboss/server/<all>/conf/login-config.xml
> <!-- Roller Weblog -->
> <application-policy name="RollerRealm">
> <authentication>
> <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="sufficient">
> <module-option name="dsJndiName">java:/jdbc/rollerdb</module-option>
> <module-option name="principalsQuery">select passphrase from rolleruser where username=?</module-option>
> <module-option name="rolesQuery">select rolename from userrole where username=?</module-option>
> <module-option name="unauthenticatedIdentity">guest</module-option>
> </login-module>
> </authentication>
> </application-policy>
> causes the attempted read of the second column of the result set to fail in the method
> protected Group[] getRoleSets() throws LoginException
> ...
> do {
> String name = rs.getString(1);
> String groupName = rs.getString(2); // ** Exception **
> The *fix* is to edit the select statement to return a hard-coded 'Roles' value in login-config.xml
> <module-option name="rolesQuery">select rolename, 'Roles' from userrole where username=?</module-option>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira