You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@roller.apache.org by "Glen Mazza (JIRA)" <ji...@apache.org> on 2013/01/01 04:34:13 UTC

[jira] [Resolved] (ROL-746) Unable to uses JAAS DatabaseServerLoginModule for authentication

     [ https://issues.apache.org/jira/browse/ROL-746?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Glen Mazza resolved ROL-746.
----------------------------

    Resolution: Won't Fix

This issue refers to an obsolete version of Roller (1.1.2).  Sorry we could not get to it in time for you.
                
> Unable to uses JAAS DatabaseServerLoginModule for authentication
> ----------------------------------------------------------------
>
>                 Key: ROL-746
>                 URL: https://issues.apache.org/jira/browse/ROL-746
>             Project: Roller
>          Issue Type: Improvement
>          Components: Database Access & Data Model, User Management
>    Affects Versions: 1.1.2
>         Environment: JBoss 4.0.2/Tomcat 5.5
>            Reporter: TJ
>            Assignee: Roller Unassigned
>
> When installed on JBoss 4.0.2 roller cannot use the org.jboss.security.auth.spi.DatabaseServerLoginModule because it expects TWO table columns to be returned by the userrole table query.
> Log-ins fail and an exception is thrown:
> 2005-06-17 21:49:30,297 DEBUG [org.jboss.security.plugins.JaasSecurityManagerService] Created securityMgr=org.jboss.security.plugins.JaasSecurityManager@7227a8
> 2005-06-17 21:49:30,313 DEBUG [org.jboss.security.plugins.JaasSecurityManager.RollerRealm] CachePolicy set to: org.jboss.util.TimedCachePolicy@899e6a
> 2005-06-17 21:49:30,313 DEBUG [org.jboss.security.plugins.JaasSecurityManagerService] setCachePolicy, c=org.jboss.util.TimedCachePolicy@899e6a
> 2005-06-17 21:49:30,313 DEBUG [org.jboss.security.plugins.JaasSecurityManagerService] Added RollerRealm, org.jboss.security.plugins.SecurityDomainContext@ff665a to map
> 2005-06-17 21:49:30,422 ERROR [org.jboss.security.auth.spi.DatabaseServerLoginModule] SQL failure
> java.sql.SQLException: Column Index out of range, 2 > 1. 
> 	at com.mysql.jdbc.ResultSet.checkColumnBounds(ResultSet.java:4160)
> 	at com.mysql.jdbc.ResultSet.getNativeString(ResultSet.java:6469)
> 	at com.mysql.jdbc.ResultSet.getStringInternal(ResultSet.java:2307)
> 	at com.mysql.jdbc.ResultSet.getString(ResultSet.java:2203)
> 	at org.jboss.resource.adapter.jdbc.WrappedResultSet.getString(WrappedResultSet.java:400)
> 	at org.jboss.security.auth.spi.Util.getRoleSets(Util.java:142)
> 	at org.jboss.security.auth.spi.DatabaseServerLoginModule.getRoleSets(DatabaseServerLoginModule.java:166)
> The JBoss Security guide section 8.4.6.4 explains all
> http://docs.jboss.org/jbossas/admindevel326/html/ch8.chapter.html#ch8.dabaseserverloginmodule.sect
> The default select statements for DatabaseServerLoginModule are given in the head of the source code file. You can find a copy here
> http://www.cenqua.com/clover/eg/jboss/report/org/jboss/security/auth/spi/DatabaseServerLoginModule.html
> It reads:
>  private String dsJndiName;
>  private String principalsQuery = "select Password from Principals where PrincipalID=?";
>  private String rolesQuery = "select Role, RoleGroup from Roles where PrincipalID=?";
> In roller the userrole table has only the 'Role' column. 'RoleGroup' doesn't exist.
> So the select statement defined in the application policy defined in jboss/server/<all>/conf/login-config.xml
>  <!-- Roller Weblog -->
>  <application-policy name="RollerRealm">
>   <authentication>
>    <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="sufficient">
>     <module-option name="dsJndiName">java:/jdbc/rollerdb</module-option>
>     <module-option name="principalsQuery">select passphrase from rolleruser where username=?</module-option>
>     <module-option name="rolesQuery">select rolename from userrole where username=?</module-option>
>     <module-option name="unauthenticatedIdentity">guest</module-option>
>    </login-module>
>   </authentication>
>  </application-policy> 
> causes the attempted read of the second column of the result set to fail in  the method
> protected Group[] getRoleSets() throws LoginException
> ...
>  do {
>   String name = rs.getString(1);
>   String groupName = rs.getString(2); // ** Exception **
> The *fix* is to edit the select statement to return a hard-coded 'Roles' value in login-config.xml
> <module-option name="rolesQuery">select rolename, 'Roles' from userrole where username=?</module-option>

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira