java - Implementing JDBC Authentication on Glassfish with an existing database -


i've been working on sample jersey program familiarize myself java web services, , add security layer (server - glassfish, ide - intellij). far have implemented form based login system supposed reference existing sybase database. problem doesn't authenticate if put in right credentials, , don't know enough authentication in general troubleshoot it. here can figure out went wrong. here steps took:

  1. create community pool , resource in glassfish admin console
  2. create jdbc realm in glassfish admin console
  3. modify web.xml file include security constraint , login configuration
  4. create login.xhtml page , loginerror.xhtml page

as side note, database attempting use existing sybase database has sorts of information (not usernames, emails, supervisors, phone extensions, etc). database not have explicit password field, trying use 1 of existing fields (namely 1 called supervisoremail) act password field. therefore, user can authenticated own email , supervisor's email.

my first question is: specify columns use username/password in database? thought in jdbcrealm definition, perhaps wrong this. here have in fields:

jaas context: jdbcrealm

jndi: jdbc/__authdb (the resource created earlier)

user table: employeelist (the name of table in database)

user name column: email

password column: supervisoremail

group table: groups (no idea put here)

group name column: name (no idea put here)

password encryption algorithm: aes

this lead second question, "do need group database if users same privileges"? not have one.

finally, here xml/html files of use troubleshooting. sorry long post, wanted specific possible.

web.xml:

<?xml version="1.0" encoding="utf-8"?> <web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"      xmlns:xsi="http://www.w3.org/2001/xmlschema-instance"      xsi:schemalocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"      version="3.1">  <security-constraint>     <display-name>admin pages</display-name>     <web-resource-collection>         <web-resource-name>secured</web-resource-name>         <url-pattern>/*</url-pattern>         <http-method>get</http-method>         <http-method>post</http-method>     </web-resource-collection>      <auth-constraint>         <role-name>admin</role-name>     </auth-constraint> </security-constraint>  <!--<deny-uncovered-http-methods/>-->  <login-config>     <auth-method>form</auth-method>     <realm-name>jdbcrealm</realm-name>     <form-login-config>         <form-login-page>/login.xhtml</form-login-page>         <form-error-page>/loginerror.xhtml</form-error-page>     </form-login-config> </login-config>  <security-role>     <role-name>admin</role-name> </security-role> <servlet>     <servlet-name>faces servlet</servlet-name>     <servlet-class>javax.faces.webapp.facesservlet</servlet-class>     <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping>     <servlet-name>faces servlet</servlet-name>     <url-pattern>*.xhtml</url-pattern> </servlet-mapping> </web-app>

login.xhtml:

<?xml version='1.0' encoding='utf-8' ?> <!doctype html public "-//w3c//dtd xhtml 1.0transitional//en" "http://www.w3.org/tr/xhtml1/dtd/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"   xmlns:p="http://primefaces.org/ui"> <body>     <p:panel header="login from">         <form method="post" action="j_security_check">             username: <input type="text" name="j_username"/>             password: <input type="password" name="j_password"/>             <input type="submit" value="login" />             <input type="reset" value="reset" />         </form>     </p:panel> </body>

if you've made far, thank reading. appreciated.

i figured out. when you're using jdbc realm within glassfish have have 2 separate databases: 1 has list of users/passwords, , 1 has list of users (same ones previous database) & group belong to. glassfish not authenticate if aren't using groups, if want have same privileges.


Comments

Post a Comment

Popular posts from this blog

powershell Start-Process exit code -1073741502 when used with Credential from a windows service environment -

i'm running strange behavior powershell start-process call. here call: $process = start-process ` "c:\somepath\mybinary.exe" ` -passthru ` -credential $defaultcredential ` -wait ` -workingdirectory "c:\somepath" ` -loaduserprofile if ($process.exitcode -ne 0) { #do } this call return exit code - 1073741502 . after quick search, exit code seems related generic error when program not load required dll (aka. status_dll_init_failed ). when run without -credential $credential program runs correctly. in order isolate problem, manually launched some.exe in prompt target credential , runs smoothly. so problem seems come way start-process cmdlet launch process. i found potential solutions problem tried apply no luck : link , link . would have idea of what's going on here ? edit 1: run proc mon monitoring program activities when launched directly or via powershell script. problem seems occur when loading kernelbase
Read more

twig - Using Twigbridge in a Laravel 5.1 Package -

i'm trying create laravel 5.1 package uses twigbridge instead of .php views. can normal .php views display fine, when try make use of .twig templates i'm met error. possible use twigbridge templates when creating views laravel package or pretty stuck blade , php ? edit 1: loading twig template without extending works. it's when start using {% extends 'file' %} error comes out. i error error loading /virtual/laravel/packages/username/mypackage/src/views/sample.twig: template "templates.master" not defined () in "/virtual/laravel/packages/username/mypackage/src/views/sample.twig" @ line 1. my folders username |_ mypackage |_ src |_ controllers - samplecontroller.php |_ views |_ templates - master.twig - sample.twig twig template sample.twig {% extends 'templates.master' %} {% block content %} {{ parent()
Read more

c# - LINQ join Entities from HashSet's, Join vs Dictionary vs HashSet performance -

i have hashset's each stores t, have written test application compares different relation algorithms can think of, i'm not pleased results getting. does there exist more efficient ways of achieving object relations, once testing? using system; using system.collections.generic; using system.linq; using system.text; using system.threading.tasks; using system.diagnostics; namespace linqtests { class program { static void main(string[] args) { hashset<user> usertable = new hashset<user>(); hashset<userproperty> userpropertytable = new hashset<userproperty>(); #region lets create dummy data. console.writeline("please wait while creating dummy data, can take while..."); console.writeline(""); int rows = 1000000; for(int x = 0; x < rows; x++) { random rnd = new random(); // ad
Read more