java - Implementing JDBC Authentication on Glassfish with an existing database -
i've been working on sample jersey program familiarize myself java web services, , add security layer (server - glassfish, ide - intellij). far have implemented form based login system supposed reference existing sybase database. problem doesn't authenticate if put in right credentials, , don't know enough authentication in general troubleshoot it. here can figure out went wrong. here steps took:
- create community pool , resource in glassfish admin console
- create jdbc realm in glassfish admin console
- modify web.xml file include security constraint , login configuration
- create login.xhtml page , loginerror.xhtml page
as side note, database attempting use existing sybase database has sorts of information (not usernames, emails, supervisors, phone extensions, etc). database not have explicit password field, trying use 1 of existing fields (namely 1 called supervisoremail) act password field. therefore, user can authenticated own email , supervisor's email.
my first question is: specify columns use username/password in database? thought in jdbcrealm definition, perhaps wrong this. here have in fields:
jaas context: jdbcrealm
jndi: jdbc/__authdb (the resource created earlier)
user table: employeelist (the name of table in database)
user name column: email
password column: supervisoremail
group table: groups (no idea put here)
group name column: name (no idea put here)
password encryption algorithm: aes
this lead second question, "do need group database if users same privileges"? not have one.
finally, here xml/html files of use troubleshooting. sorry long post, wanted specific possible.
web.xml:
<?xml version="1.0" encoding="utf-8"?> <web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" xsi:schemalocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd" version="3.1"> <security-constraint> <display-name>admin pages</display-name> <web-resource-collection> <web-resource-name>secured</web-resource-name> <url-pattern>/*</url-pattern> <http-method>get</http-method> <http-method>post</http-method> </web-resource-collection> <auth-constraint> <role-name>admin</role-name> </auth-constraint> </security-constraint> <!--<deny-uncovered-http-methods/>--> <login-config> <auth-method>form</auth-method> <realm-name>jdbcrealm</realm-name> <form-login-config> <form-login-page>/login.xhtml</form-login-page> <form-error-page>/loginerror.xhtml</form-error-page> </form-login-config> </login-config> <security-role> <role-name>admin</role-name> </security-role> <servlet> <servlet-name>faces servlet</servlet-name> <servlet-class>javax.faces.webapp.facesservlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>faces servlet</servlet-name> <url-pattern>*.xhtml</url-pattern> </servlet-mapping> </web-app>
login.xhtml:
<?xml version='1.0' encoding='utf-8' ?> <!doctype html public "-//w3c//dtd xhtml 1.0transitional//en" "http://www.w3.org/tr/xhtml1/dtd/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:p="http://primefaces.org/ui"> <body> <p:panel header="login from"> <form method="post" action="j_security_check"> username: <input type="text" name="j_username"/> password: <input type="password" name="j_password"/> <input type="submit" value="login" /> <input type="reset" value="reset" /> </form> </p:panel> </body>
if you've made far, thank reading. appreciated.
i figured out. when you're using jdbc realm within glassfish have have 2 separate databases: 1 has list of users/passwords, , 1 has list of users (same ones previous database) & group belong to. glassfish not authenticate if aren't using groups, if want have same privileges.
Comments
Post a Comment