
I am trying to build a JEE application that uses JAAS programmatic security with WildFly 10 and a Postgres database. However, I have never managed to log in: I always get the error **javax.servlet.ServletException: UT010031: Login failed**. Here is my code:

Postgres database table:

-- Account table read by the security domain's principalsQuery and rolesQuery
-- (both select from users by username).
CREATE TABLE users
(
  id bigint NOT NULL,
  -- Password digest the login module compares against; the security domain is
  -- configured for SHA-256 with hex encoding.
  -- NOTE(review): no salt column is visible. An unsalted, fast digest is weak for
  -- password storage (identical passwords share a digest and lookup tables apply);
  -- prefer a salted, deliberately slow password hash if the login module supports one.
  pass character varying(255),
  -- Role name returned by rolesQuery; must match a <role-name> declared in web.xml.
  role character varying(255),
  -- NOTE(review): username is the lookup key for both queries but carries no UNIQUE
  -- or NOT NULL constraint here; confirm duplicate or null usernames cannot be stored.
  username character varying(255),
  version bigint,
  CONSTRAINT users_pkey PRIMARY KEY (id)
)

Data table row content:

287;"8D969EEF6ECAD3C29A3A629280E686CF0C3F5D5A86AFF3CA12020C923ADC6C92";"ADMIN";"administrator";1

web.xml:

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
    <display-name>Karbonic</display-name>

    <!-- JSF front controller, started at deployment and mapped to every *.xhtml request. -->
    <servlet>
        <servlet-name>FacesServlet</servlet-name>
        <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
        <load-on-startup>1</load-on-startup>
    </servlet>

    <servlet-mapping>
        <servlet-name>FacesServlet</servlet-name>
        <url-pattern>*.xhtml</url-pattern>
    </servlet-mapping>

    <!-- The welcome page sits under /public/, which no security-constraint in this file covers. -->
    <welcome-file-list>
        <welcome-file>/public/home.xhtml</welcome-file>
    </welcome-file-list>

    <!-- FORM authentication: unauthenticated requests for a constrained URL are sent to
         the login page. The same page doubles as the error page, so a failed
         container-managed login returns to the form. The page lives under /public/,
         which no security-constraint covers, so it stays reachable before login. -->
    <login-config>
        <auth-method>FORM</auth-method>
        <realm-name>main-realm</realm-name>
        <form-login-config>
            <form-login-page>/public/login.xhtml</form-login-page>
            <form-error-page>/public/login.xhtml</form-error-page>
        </form-login-config>
    </login-config>

    <!-- Role-based access rules for everything under /users/.
         None of the constraints lists http-method elements, so each applies to all
         HTTP methods.
         NOTE(review): no constraint declares a user-data-constraint with a
         transport-guarantee, so nothing here forces HTTPS for the protected pages or
         the credential post; confirm TLS is enforced elsewhere or add CONFIDENTIAL. -->
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>Administrator</web-resource-name>
            <url-pattern>/users/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>ADMIN</role-name>
        </auth-constraint>
    </security-constraint>

    <!-- NOTE(review): this pattern overlaps /users/* above. The container applies the
         constraints of the best (longest) matching pattern, so the three roles below
         should reach /users/user/* even though /users/* is ADMIN only; verify that
         this is the intended result. -->
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>User</web-resource-name>
            <url-pattern>/users/user/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>ADMIN</role-name>
            <role-name>ACCOUNTING</role-name>
            <role-name>REQUESTMANAGER</role-name>
        </auth-constraint>
    </security-constraint>

    <!-- ADMIN is not listed here or in the Request Manager constraint below.
         NOTE(review): confirm administrators are meant to be excluded from these
         two areas. -->
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>Accounting</web-resource-name>
            <url-pattern>/users/accounting/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>ACCOUNTING</role-name>
        </auth-constraint>
    </security-constraint>

    <security-constraint>
        <web-resource-collection>
            <web-resource-name>Request Manager</web-resource-name>
            <url-pattern>/users/requestManager/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>REQUESTMANAGER</role-name>
        </auth-constraint>
    </security-constraint>

    <!-- Declares each role name used by the auth-constraints in this file. The values
         returned by the security domain's rolesQuery (users.role) have to match these
         names exactly for a constraint to be satisfied. -->
    <security-role>
        <role-name>REQUESTMANAGER</role-name>
    </security-role>

    <security-role>
        <role-name>ADMIN</role-name>
    </security-role>

    <security-role>
        <role-name>ACCOUNTING</role-name>
    </security-role>

</web-app>

standalone.xml:

        <!-- Security domain that jboss-web.xml selects by name for this web application. -->
        <security-domain name="main-realm" cache-type="default">
            <authentication>
                <login-module code="Database" flag="required">
                    <module-option name="dsJndiName" value="java:/PostgresDS"/>
                    <!-- Parameterised lookup of the stored digest for the submitted username. -->
                    <module-option name="principalsQuery" value="SELECT pass FROM users WHERE username = ?"/>
                    <!-- Returns the user's role, placed in the 'Roles' group. -->
                    <module-option name="rolesQuery" value="SELECT role, 'Roles' FROM users WHERE username = ?"/>
                    <!-- The submitted password is hashed with SHA-256 and hex-encoded before it
                         is compared with users.pass.
                         NOTE(review): the sample row stores the digest in upper-case hex. Confirm
                         whether this module emits lower-case hex and compares case-sensitively;
                         if it does, the comparison can never succeed, so store the digest in
                         lower case or set the module's ignorePasswordCase option.
                         NOTE(review): plain SHA-256 with no salt is a weak password storage
                         scheme; plan a move to a salted, slow password hash. -->
                    <module-option name="hashAlgorithm" value="SHA-256"/>
                    <module-option name="hashEncoding" value="hex"/>
                </login-module>
            </authentication>
        </security-domain>

jboss-web.xml:

<jboss-web>
    <!-- Binds this web application to the security domain named main-realm; the name
         must match the security-domain element defined in standalone.xml. -->
    <security-domain>main-realm</security-domain>
</jboss-web>

LoginBean.java:

package org.master.jsf;

import java.util.logging.Level;
import java.util.logging.Logger;

import javax.ejb.EJB;
import javax.faces.application.FacesMessage;
import javax.faces.bean.ManagedBean;
import javax.faces.bean.SessionScoped;
import javax.faces.context.FacesContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;

import org.master.ejb.LoginEJB;


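/**
 * Session-scoped JSF backing bean for programmatic login and logout.
 *
 * <p>The login form binds its two inputs to {@code username} and {@code password};
 * {@link #login()} hands them to the servlet container through
 * {@link HttpServletRequest#login(String, String)}, and {@link #doLogout()} ends the
 * authenticated session.
 *
 * <p>Because the bean lives for the whole HTTP session, the clear-text password is
 * wiped as soon as a login attempt finishes and the session is invalidated on logout,
 * so credentials do not linger in session state.
 */
@SessionScoped
@ManagedBean
public class LoginBean {

    private static final Logger LOG = Logger.getLogger(LoginBean.class.getName());

    @EJB
    private LoginEJB userEJB;

    private String username;
    private String password;

    /** @return the username most recently submitted by the login form */
    public String getUsername() {
        return username;
    }

    /** @param username the username entered in the login form */
    public void setUsername(String username) {
        this.username = username;
    }

    /**
     * @return the password submitted by the login form, or {@code null} once a login
     *         attempt has completed
     */
    public String getPassword() {
        return password;
    }

    /** @param password the clear-text password entered in the login form */
    public void setPassword(String password) {
        this.password = password;
    }

    /**
     * Authenticates the submitted credentials against the container's security domain.
     *
     * @return the redirect outcome for the home page on success, or {@code null} (stay
     *         on the login page with an error message) when the container rejects the
     *         login
     */
    public String login() {
        FacesContext context = FacesContext.getCurrentInstance();
        HttpServletRequest request = (HttpServletRequest) context.getExternalContext().getRequest();
        try {
            // NOTE(review): confirm the container issues a new session id on successful
            // login, so a pre-login session id cannot be reused (session fixation).
            request.login(username, password);
            userEJB.setUsername(username);
            // NOTE(review): this hands the clear-text password to the EJB; confirm the
            // EJB really needs it and does not keep or log it.
            userEJB.setPassword(password);
            return "/public/home.xhtml?faces-redirect=true";
        } catch (ServletException e) {
            // Keep the cause in the server log only; the user sees a generic message
            // that does not reveal whether the username or the password was wrong.
            LOG.log(Level.WARNING, "Container rejected programmatic login", e);
            FacesMessage msg = new FacesMessage(FacesMessage.SEVERITY_ERROR, "Incorrect username or password!", "");
            context.addMessage(null, msg);
            return null;
        } finally {
            // Never keep the clear-text password in session state after the attempt.
            this.password = null;
        }
    }

    /** @return the injected login EJB */
    public LoginEJB getUserEJB() {
        return userEJB;
    }

    /** @param userEJB the login EJB to use */
    public void setUserEJB(LoginEJB userEJB) {
        this.userEJB = userEJB;
    }

    /**
     * Logs the current user out and discards the HTTP session.
     *
     * @return the redirect outcome for the login page
     */
    public String doLogout() {
        FacesContext context = FacesContext.getCurrentInstance();
        HttpServletRequest request = (HttpServletRequest) context.getExternalContext().getRequest();

        try {
            request.logout();
        } catch (ServletException e) {
            LOG.log(Level.WARNING, "Container logout failed", e);
        } finally {
            // Drop the session even when logout() fails, so this bean and any other
            // per-user state cannot be reused by the next request on the same cookie.
            context.getExternalContext().invalidateSession();
        }
        return "/public/login.xhtml?faces-redirect=true";
    }

}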

My .xhtml login page content:

<!-- Login form for programmatic authentication: the two inputs bind to loginBean and the
     button invokes loginBean.login(), instead of posting j_username/j_password as the
     commented-out inputs below would.
     NOTE(review): this form posts credentials; confirm the page is only served over HTTPS. -->
<h:form class="form-signin" a:method="post">
    <div class="row" style="margin-top: 100px;">
        <div class="col-md-4"></div>
        <div class="col-md-4"
            style="background-color: rgba(174, 174, 174, 0.09); box-shadow: 1px 1px 10px 1px;">

            <br /> <label class=""
                style="font-size: 200%; text-shadow: 1px 1px 1px #0fccc0;">KARBONIC</label><span
                class="glyphicon glyphicon-leaf"
                style="margin-left: 10px; font-size: 150%; color: #0fccc0; text-shadow: 1px 1px 1px black;"
                id="title-leaf" />

            <p>Please enter your credintials.</p>
            <hr />

            <h:outputLabel value="Username:" style="font-weight: 100;" />
            <!--                <h:inputText styleClass="form-control" a:name="j_username"> -->
            <!-- NOTE(review): the nested f:param looks unused; loginBean.login() reads only
                 the bound username and password properties. Confirm and remove it. -->
            <h:inputText styleClass="form-control" value="#{loginBean.username}">
                <f:param name="username" value="123"></f:param>
            </h:inputText>
            <br />
            <h:outputLabel value="Password:" style="font-weight: 100;" />
            <!--                <h:inputSecret class="form-control" a:name="j_password"/> -->
            <h:inputSecret class="form-control" value="#{loginBean.password}" />

            <br />
            <!-- Ajax submit of the whole form; the form is re-rendered so the message that
                 login() adds on failure appears in h:messages below. -->
            <h:commandButton class="btn btn-primary btn-block" value="login"
                type="submit" name="submit" action="#{loginBean.login()}">
                <f:ajax execute="@form" render="@form"></f:ajax>
            </h:commandButton>
            <br /> <span><h:messages errorStyle="color: red;" /></span>


        </div>
        <div class="col-md-4"></div>
    </div>
</h:form>

Could anyone help me figure out the problem? Thanks in advance.

Mohammad Fneish
