Yes, for sure. I'll be glad to help.
Just let me know what is the best way to go: you want I file an enhancement, or do you need additional details from my case?
Kind regards,
Edson Richter.
Date: Tue, 21 Apr 2009 16:36:28 -0700
From: Judy.J.Tang_at_Sun.COM
To: quality_at_glassfish.dev.java.net
Subject: Re: Glassfish 3: JDBC Realm in web applications
Hi Edson,
It is very nice to hear from you. Do please help us to file an
enhancement on this.
Thanks,
Judy
Edson Richter wrote:
Ok, forget. The source problem was my own stupidity: I named
incorrectly the jdbcReam (notice the missing "l").
Nevertheless, IMHO server should point the wrong realm name instead
defaulting to fileReam.
Regards,
Edson.
From: edsonrichter_at_hotmail.com
To: quality_at_glassfish.dev.java.net
Date: Tue, 21 Apr 2009 22:02:19 +0000
Subject: Glassfish 3: JDBC Realm in web applications
Dear all.
I know this is not the list to request support.
I would like to just setup a scenario that is not working with
Glassfish 3 Prelude:
1) In NetBeans, create web application.
2) Set security in web.xml as follows:
<security-constraint>
<display-name>UsuarioConstraint</display-name>
<web-resource-collection>
<web-resource-name>all</web-resource-name>
<description/>
<url-pattern>/</url-pattern>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<description>Only authorized
users.</description>
<role-name>usuario</role-name>
</auth-constraint>
<user-data-constraint>
<description/>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>jdbcRealm</realm-name>
</login-config>
<security-role>
<description/>
<role-name>usuario</role-name>
</security-role>
3) Configure JDBC Pool, JDBC Resource and JDBC Realm (jdbcRealm)
4) Deploy application
When I run (with FINEST security log level), I got:
[#|2009-04-21T18:42:15.038-0300|FINE|glassfish|javax.enterprise.system.core.security|_ThreadID=18;_ThreadName=Thread-3;ClassName=null;MethodName=null;|[Web-Security]
hasResource perm: (javax.security.jacc.WebResourcePermission /index.jsp
GET)|#]
[#|2009-04-21T18:42:15.042-0300|FINEST|glassfish|javax.enterprise.system.core.security|_ThreadID=18;_ThreadName=Thread-3;ClassName=null;MethodName=null;|Processing
login with credentials of type: class
com.sun.enterprise.security.auth.login.common.PasswordCredential|#]
[#|2009-04-21T18:42:15.045-0300|FINE|glassfish|javax.enterprise.system.core.security|_ThreadID=18;_ThreadName=Thread-3;ClassName=null;MethodName=null;|Logging
in user [Marcelo] into realm: file using JAAS module: fileRealm|#]
[#|2009-04-21T18:42:15.112-0300|FINE|glassfish|javax.enterprise.system.core.security|_ThreadID=18;_ThreadName=Thread-3;ClassName=null;MethodName=null;|Login
module initialized: class
com.sun.enterprise.security.auth.login.FileLoginModule|#]
[#|2009-04-21T18:42:15.113-0300|FINE|glassfish|javax.enterprise.system.core.security|_ThreadID=18;_ThreadName=Thread-3;ClassName=null;MethodName=null;|No
such user: [Marcelo]|#]
So, why is Glassfish using "fileReam" (Glassfish defaults) since my
web.xml explicits ask for "jdbcRealm"???
I googled a bit around for more information, but everything I've found
so far is that is necessary to put
"<realm>jdbcRealm</realm>" in sun-application.xml. The
point is: this is an web app, there is no sun-application.xml
So, I think it's necessary to add a test case for that, as well to fix
this little bug...
Thanks,
Edson Richter
Quer saber qual produto Windows Live combina melhor com o seu
perfil? Clique
aqui e descubra!
Quer deixar seu Messenger turbinado de emoticons? Clique aqui e baixe agora. É grátis!
_________________________________________________________________
Faça já uma busa e ganhe um wink do Messenger. Está esperando o que? É grátis!
http://www.ibud.com.br/