quality@glassfish.java.net

Re: Glassfish 3: JDBC Realm in web applications

From: Judy Tang <Judy.J.Tang_at_Sun.COM>
Date: Tue, 21 Apr 2009 16:36:28 -0700

Hi Edson,

It is very nice to hear from you. Do please help us to file an
enhancement on this.

Thanks,
Judy
Edson Richter wrote:
> Ok, forget. The source problem was my own stupidity: I named
> incorrectly the jdbcReam (notice the missing "l").
> Nevertheless, IMHO server should point the wrong realm name instead
> defaulting to fileReam.
>
> Regards,
>
> Edson.
>
> ------------------------------------------------------------------------
> From: edsonrichter_at_hotmail.com
> To: quality_at_glassfish.dev.java.net
> Date: Tue, 21 Apr 2009 22:02:19 +0000
> Subject: Glassfish 3: JDBC Realm in web applications
>
> Dear all.
>
> I know this is not the list to request support.
> I would like to just setup a scenario that is not working with
> Glassfish 3 Prelude:
>
> 1) In NetBeans, create web application.
> 2) Set security in web.xml as follows:
>
> <security-constraint>
> <display-name>UsuarioConstraint</display-name>
> <web-resource-collection>
> <web-resource-name>all</web-resource-name>
> <description/>
> <url-pattern>/</url-pattern>
> <url-pattern>/*</url-pattern>
> <http-method>GET</http-method>
> <http-method>POST</http-method>
> </web-resource-collection>
> <auth-constraint>
> <description>Only authorized users.</description>
> <role-name>usuario</role-name>
> </auth-constraint>
> <user-data-constraint>
> <description/>
> <transport-guarantee>NONE</transport-guarantee>
> </user-data-constraint>
> </security-constraint>
> <login-config>
> <auth-method>BASIC</auth-method>
> <realm-name>jdbcRealm</realm-name>
> </login-config>
> <security-role>
> <description/>
> <role-name>usuario</role-name>
> </security-role>
>
> 3) Configure JDBC Pool, JDBC Resource and JDBC Realm (jdbcRealm)
>
> 4) Deploy application
>
> When I run (with FINEST security log level), I got:
>
> [#|2009-04-21T18:42:15.038-0300|FINE|glassfish|javax.enterprise.system.core.security|_ThreadID=18;_ThreadName=Thread-3;ClassName=null;MethodName=null;|[Web-Security]
> hasResource perm: (javax.security.jacc.WebResourcePermission
> /index.jsp GET)|#]
>
> [#|2009-04-21T18:42:15.042-0300|FINEST|glassfish|javax.enterprise.system.core.security|_ThreadID=18;_ThreadName=Thread-3;ClassName=null;MethodName=null;|Processing
> login with credentials of type: class
> com.sun.enterprise.security.auth.login.common.PasswordCredential|#]
>
> [#|2009-04-21T18:42:15.045-0300|FINE|glassfish|javax.enterprise.system.core.security|_ThreadID=18;_ThreadName=Thread-3;ClassName=null;MethodName=null;|Logging
> in user [Marcelo] into realm: file using JAAS module: fileRealm|#]
>
> [#|2009-04-21T18:42:15.112-0300|FINE|glassfish|javax.enterprise.system.core.security|_ThreadID=18;_ThreadName=Thread-3;ClassName=null;MethodName=null;|Login
> module initialized: class
> com.sun.enterprise.security.auth.login.FileLoginModule|#]
>
> [#|2009-04-21T18:42:15.113-0300|FINE|glassfish|javax.enterprise.system.core.security|_ThreadID=18;_ThreadName=Thread-3;ClassName=null;MethodName=null;|No
> such user: [Marcelo]|#]
>
>
> So, why is Glassfish using "fileReam" (Glassfish defaults) since my
> web.xml explicits ask for "jdbcRealm"???
>
> I googled a bit around for more information, but everything I've found
> so far is that is necessary to put "<realm>jdbcRealm</realm>" in
> sun-application.xml. The point is: this is an web app, there is no
> sun-application.xml
>
> So, I think it's necessary to add a test case for that, as well to fix
> this little bug...
>
>
> Thanks,
>
> Edson Richter
>
>
> ------------------------------------------------------------------------
> Quer saber qual produto Windows Live combina melhor com o seu perfil?
> Clique aqui e descubra! <http://www.windowslive.com.br>
> ------------------------------------------------------------------------
> Quer deixar seu Messenger turbinado de emoticons? Clique aqui e baixe
> agora. É grátis! <http://specials.br.msn.com/ilovemessenger/pacotes.aspx>