Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-4460

form login with jdbc realm weird behaviour on different user roles.xml

    XMLWordPrintable

Details

    • Feature Request
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Obsolete
    • 8.2.0.Final
    • 11.0.0.Alpha1
    • Security
    • None

    Description

      I have below user roles in the system,
      CASHIER,
      AGENTS,
      MANAGER
      When I try to login as cashier and agents it does work but fails for manager role. I get redirected back to the login form when I try to login as a user which has a manager role, this wasnt happening in wildfly 8.0 and today I updated my server to 8.2 and it happens. I am using standalone.xml. I am using jsf 2.2 and primefaces 5.
      I tried on glassfish 4 and it works smoothly like wildfly 8.0.

      web.xml
      <security-constraint>
      <display-name>MANAGER</display-name>
      <web-resource-collection>
      <web-resource-name>Manager</web-resource-name>
      <description/>
      <url-pattern>/manager-area/*</url-pattern>
      </web-resource-collection>
      <auth-constraint>
      <description/>
      <role-name>MANAGER</role-name>
      </auth-constraint>
      </security-constraint>

      <login-config>
      <auth-method>FORM</auth-method>
      <realm-name>mtaV4-security-jdbcrealm</realm-name>
      <form-login-config>
      <form-login-page>/login_home.xhtml</form-login-page>
      <form-error-page>/login_home.xhtml</form-error-page>
      </form-login-config>
      </login-config>

      jboss-web.xml
      <?xml version="1.0" encoding="UTF-8"?>
      <jboss-web xmlns="http://www.jboss.com/xml/ns/javaee">
      <context-root/>
      <security-domain>mtaV4-security-jdbcrealm</security-domain>
      </jboss-web>

      standalone-full.xml

      <security-domain name="mtaV4-security-jdbcrealm" cache-type="default">
      <authentication>
      <login-module code="Database" flag="required">
      <module-option name="dsJndiName" value="java:/jboss/__MTAV4"/>
      <module-option name="principalsQuery" value="select userpassword from users where email=?"/>
      <module-option name="rolesQuery" value="select role_name, 'Roles' from user_roles where email=?"/>
      <module-option name="unauthenticatedIdentity" value="guest"/>
      </login-module>
      </authentication>
      </security-domain>

      Attachments

        Activity

          People

            darran.lofthouse@redhat.com Darran Lofthouse
            mrifni Mohamed Rifni (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: