Yes, it's the same. I've attached domain.xml and login.conf from glassfish/domains/domain1/config. Here are the rest of my files:
adcaster.server.glassfish.Realm:
[code]package adcaster.server.glassfish;
import com.sun.appserv.security.AppservRealm;
import com.sun.enterprise.security.auth.realm.BadRealmException;
import com.sun.enterprise.security.auth.realm.InvalidOperationException;
import com.sun.enterprise.security.auth.realm.NoSuchRealmException;
import com.sun.enterprise.security.auth.realm.NoSuchUserException;
import com.sun.enterprise.security.auth.realm.User;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Enumeration;
import java.util.List;
import java.util.Properties;
/**
* A custom JDBC security realm.
*
* @author Gili Tzabari
*/
public class Realm extends AppservRealm
{
private String[] authenticationGroups =
{
"myRole"
};
private Connection connection;
private PreparedStatement getUsers;
private PreparedStatement getUserGroup;
@Override
public void init(Properties props)
throws BadRealmException, NoSuchRealmException
{
super.init(props);
String jaasContext = props.getProperty(JAAS_CONTEXT_PARAM);
if (jaasContext == null)
throw new IllegalArgumentException("Property \"" + JAAS_CONTEXT_PARAM + "\" be specified");
System.err.println("properties = " + props);
setProperty(JAAS_CONTEXT_PARAM, jaasContext);
try
{
String jdbcUrl = props.getProperty("jdbc.url");
if (jdbcUrl == null)
throw new BadRealmException("Missing value for property \"jdbc.url\"");
String username = props.getProperty("username");
if (jdbcUrl == null)
throw new BadRealmException("Missing value for property \"username\"");
String password = props.getProperty("password");
if (jdbcUrl == null)
throw new BadRealmException("Missing value for property \"password\"");
Class.forName("com.mysql.jdbc.Driver").newInstance();
this.connection = DriverManager.getConnection(jdbcUrl, username, password);
getUsers = connection.prepareStatement(
"select terminal.name from terminal as terminal");
getUserGroup = connection.prepareStatement(
"select terminal.name from terminal as terminal where terminal.name=?");
System.err.println("Returning from init(properties)");
}
catch (InstantiationException e)
{
throw new BadRealmException(e);
}
catch (IllegalAccessException e)
{
throw new BadRealmException(e);
}
catch (ClassNotFoundException e)
{
throw new BadRealmException(e);
}
catch (SQLException e)
{
throw new BadRealmException(e);
}
}
public String getAuthType()
{
System.err.println("********** getAuthType");
return getClass().getName();
}
@Override
public synchronized Enumeration getUserNames()
throws BadRealmException
{
System.err.println("********** getUserNames");
try
{
ResultSet rs = getUsers.executeQuery();
List<String> result = new ArrayList<String>();
while (rs.next())
result.add(rs.getString("name"));
System.err.println("getUserNames() returning " + result);
return Collections.enumeration(result);
}
catch (SQLException e)
{
throw new BadRealmException(e);
}
}
@Override
public User getUser(final String name)
throws NoSuchUserException, BadRealmException
{
System.err.println("********** getUser(" + name + ")");
try
{
getGroupNames(name);
}
catch (InvalidOperationException e)
{
System.err.println("fail");
throw new BadRealmException(e);
}
System.err.println("success");
return new User()
{
@Override
public Realm getRealm() throws NoSuchRealmException
{
return Realm.this;
}
@Override
public Object getAttribute(String key)
{
return null;
}
@Override
public Enumeration getAttributeNames()
{
return Collections.enumeration(Collections.emptyList());
}
@Override
public String getName()
{
return name;
}
};
}
@Override
public Enumeration getGroupNames()
throws BadRealmException
{
System.err.println("************** getGroupNames(): " + authenticationGroups);
return Collections.enumeration(Arrays.asList(authenticationGroups));
}
@Override
public synchronized Enumeration getGroupNames(String user)
throws InvalidOperationException, NoSuchUserException
{
try
{
System.err.println("**************** getGroupNames(" + user + ")");
getUserGroup.setString(1, user);
ResultSet rs = getUserGroup.executeQuery();
List<String> result = new ArrayList<String>();
while (rs.next())
result.add(rs.getString("name"));
return Collections.enumeration(result);
}
catch (SQLException e)
{
InvalidOperationException result = new InvalidOperationException("");
result.initCause(e);
throw result;
}
}
@Override
public void refresh() throws BadRealmException
{
}
/**
* Indicates if a user is authentic.
*
* @param username the username
* @param password the password
* @return true if the user is authentic, false otherwise
*/
public boolean userIsAuthentic(String username, String password)
{
try
{
System.err.println("****************** userIsAuthentic(" + username + "," + password);
boolean result = getGroupNames(username).hasMoreElements();
System.err.println("returning: " + result);
return result;
}
catch (InvalidOperationException e)
{
return false;
}
catch (NoSuchUserException ex)
{
return false;
}
}
protected void finalize()
throws Throwable
{
try
{
connection.close();
}
catch (SQLException e)
{
e.printStackTrace();
}
super.finalize();
}
}[/code]
adcaster.server.glassfish.LoginModule:
[code]package adcaster.server.glassfish;
import com.sun.appserv.security.AppservPasswordLoginModule;
import com.sun.enterprise.security.auth.realm.InvalidOperationException;
import com.sun.enterprise.security.auth.realm.NoSuchUserException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
import javax.security.auth.login.LoginException;
/**
* Login module for AdCaster.
*
* @author Gili Tzabari
*/
public class LoginModule extends AppservPasswordLoginModule
{
public LoginModule()
{
System.err.println("*********** In LoginModule!");
}
protected void authenticateUser() throws LoginException
{
System.err.println("***** My Login module!");
if (!(_currentRealm instanceof Realm))
throw new LoginException("Module may only be used against " + Realm.class.getName());
Realm realm = (Realm) _currentRealm;
Collection<String> groupList = new ArrayList<String>();
try
{
if (!realm.userIsAuthentic(_username, _password))
throw new LoginException(_username);
for (Enumeration groups = realm.getGroupNames(_username); groups.hasMoreElements();)
groupList.add((String) groups.nextElement());
}
catch (InvalidOperationException e)
{
LoginException loginException = new LoginException();
loginException.initCause(e);
throw loginException;
}
catch (NoSuchUserException e)
{
LoginException loginException = new LoginException();
loginException.initCause(e);
throw loginException;
}
commitUserAuthentication(groupList.toArray(new String[0]));
}
}[/code]
web.xml:
[code]<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" xmlns="
http://java.sun.com/xml/ns/javaee" xmlns:xsi="
http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="
http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
...snip....
<security-constraint>
<display-name>Playlistlog</display-name>
<web-resource-collection>
<web-resource-name>PlaylistLog</web-resource-name>
<description/>
<url-pattern>/playlists/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>HEAD</http-method>
<http-method>PUT</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint>
<description/>
<role-name>myRole</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>adcaster.server.glassfish.Realm</realm-name>
</login-config>
<security-role>
<description/>
<role-name>myRole</role-name>
</security-role>
</web-app>
[/code]
sun-web.xml:
[code]<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE sun-web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Application Server 9.0 Servlet 2.5//EN" "
http://www.sun.com/software/appserver/dtds/sun-web-app_2_5-0.dtd">
<sun-web-app error-url="">
<context-root>/adcaster/v1</context-root>
<security-role-mapping>
<role-name>myRole</role-name>
<principal-name>myRole</principal-name>
</security-role-mapping>
<class-loader delegate="true"/>
<jsp-config>
<property name="keepgenerated" value="true">
<description>Keep a copy of the generated servlet class' java code.</description>
</property>
</jsp-config>
</sun-web-app>[/code]
Do you see anything wrong?
Thanks,
Gili
[Message sent by forum member 'cowwoc' (cowwoc)]
http://forums.java.net/jive/thread.jspa?messageID=321174