Friday, April 27, 2018

WildFly FORM-based authentication with DB realm

https://dzone.com/articles/jdbc-realm-and-form-based-0

https://github.com/myfear/SimpleJDBCRealmWildFly


CREATE TABLE Users(username VARCHAR(255) PRIMARY KEY, passwd VARCHAR(255));

CREATE TABLE UserRoles(username VARCHAR(255), role VARCHAR(32));

The jar file used to hash the password is in:
D:\apps\wildfly12\modules\system\layers\base\org\picketbox\main\picketbox-5.0.2.Final.jar


java -classpath modules/system/layers/base/org/picketbox/main/picketbox-5.0.2.Final.jar org.jboss.security.Base64Encoder admin SHA-256
[jGl25bVBBBW96Qi9Te4V37Fnqchz/Eu4qB9vKrRIqRg=]

INSERT INTO users (username, passwd) VALUES ('myfear', 'jGl25bVBBBW96Qi9Te4V37Fnqchz/Eu4qB9vKrRIqRg=');
INSERT INTO userroles (username, role) VALUES ('myfear', 'ADMIN');

<security-domain name="secureDomain" cache-type="default">
    <authentication>
        <login-module code="Database" flag="required">
            <module-option name="dsJndiName" value="java:jboss/datasources/UserDS"/>
            <module-option name="principalsQuery" value="select passwd from Users where username=?"/>
            <module-option name="rolesQuery" value="select role, 'Roles' from UserRoles where username=?"/>
            <module-option name="hashAlgorithm" value="SHA-256"/>
            <module-option name="hashEncoding" value="base64"/>
        </login-module>
    </authentication>
</security-domain>
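
The check this configuration describes, as an added example that is not part of the original post and not PicketBox code: a Python model that runs the two configured queries against an in-memory SQLite copy of the tables and compares the SHA-256/base64 hash of the submitted password with the stored column. The function names, the SQLite stand-in for the datasource and the UTF-8 charset are assumptions of this sketch.

```python
import base64
import hashlib
import hmac
import sqlite3

# Queries copied from the module options in the security domain above.
PRINCIPALS_QUERY = "select passwd from Users where username=?"
ROLES_QUERY = "select role, 'Roles' from UserRoles where username=?"

# Stored value from the page: Base64Encoder output for "admin" with SHA-256.
STORED_HASH = "jGl25bVBBBW96Qi9Te4V37Fnqchz/Eu4qB9vKrRIqRg="


def hash_password(password, charset="utf-8"):
    """hashAlgorithm=SHA-256, hashEncoding=base64: unsalted digest as base64 text.

    The charset is an assumption of this sketch (the module option is unset on the page).
    """
    digest = hashlib.sha256(password.encode(charset)).digest()
    return base64.b64encode(digest).decode("ascii")


def build_user_store():
    """In-memory SQLite stand-in for the datasource, loaded with the page's DDL and rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE Users(username VARCHAR(255) PRIMARY KEY, passwd VARCHAR(255))")
    db.execute("CREATE TABLE UserRoles(username VARCHAR(255), role VARCHAR(32))")
    db.execute("INSERT INTO users (username, passwd) VALUES (?, ?)", ("myfear", STORED_HASH))
    db.execute("INSERT INTO userroles (username, role) VALUES (?, ?)", ("myfear", "ADMIN"))
    return db


def login(db, username, password):
    """Return the set of roles on success, or None for an unknown user or wrong password."""
    # principalsQuery: the username is bound to the '?' placeholder, never concatenated.
    row = db.execute(PRINCIPALS_QUERY, (username,)).fetchone()
    if row is None:
        return None
    # Hash the submitted password the same way and compare with the stored column.
    supplied = hash_password(password)
    if not hmac.compare_digest(supplied.encode("ascii"), row[0].encode("ascii")):
        return None
    # rolesQuery: column 1 is the role, column 2 the group name ('Roles').
    rows = db.execute(ROLES_QUERY, (username,)).fetchall()
    return {role for role, group in rows if group == "Roles"}


if __name__ == "__main__":
    store = build_user_store()
    print(hash_password("admin"))
    print(login(store, "myfear", "admin"))
    print(login(store, "myfear", "not-the-password"))
```

Because the digest is unsalted, every account with the same password stores the same passwd value.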




To debug security, make sure you enable logging:

    <profile>
        <subsystem xmlns="urn:jboss:domain:logging:4.0">
            <console-handler name="CONSOLE">
                <level name="ALL"/>
                <formatter>
                    <named-formatter name="COLOR-PATTERN"/>
                </formatter>
            </console-handler>

            <logger category="org.jboss.security" use-parent-handlers="false">
                <level name="TRACE"/>
                <handlers>
                    <handler name="CONSOLE"/>
                </handlers>
            </logger>



You get this:


08:37:33,815 TRACE [org.jboss.security] (MSC service thread 1-7) PBOX00227: removeAppConfig(jboss-web-policy)
08:37:33,815 TRACE [org.jboss.security] (MSC service thread 1-6) PBOX00227: removeAppConfig(jaspitest)
08:37:33,815 TRACE [org.jboss.security] (MSC service thread 1-8) PBOX00337: nextState for action getPolicyConfiguration: open
08:37:33,818 TRACE [org.jboss.security] (MSC service thread 1-8) PBOX00315: delete, contextID: simpeljdbcrealm-1.0-SNAPSHOT.war
08:37:33,818 TRACE [org.jboss.security] (MSC service thread 1-8) PBOX00337: nextState for action delete: deleted
08:37:33,819 TRACE [org.jboss.security] (MSC service thread 1-1) PBOX00337: nextState for action getPolicyConfiguration: open
08:37:33,822 TRACE [org.jboss.security] (MSC service thread 1-1) PBOX00315: delete, contextID: simpeljdbcrealm-1.0-SNAPSHOT.war
08:37:33,823 TRACE [org.jboss.security] (MSC service thread 1-1) PBOX00337: nextState for action delete: deleted
08:37:33,824 TRACE [org.jboss.security] (MSC service thread 1-5) PBOX00337: nextState for action getPolicyConfiguration: open
08:37:33,825 TRACE [org.jboss.security] (MSC service thread 1-5) PBOX00315: delete, contextID: kitchensink.war
08:37:33,825 TRACE [org.jboss.security] (MSC service thread 1-5) PBOX00337: nextState for action delete: deleted
08:37:33,827 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action getPolicyConfiguration: open
08:37:33,827 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00315: delete, contextID: kitchensink.war
08:37:33,828 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action delete: deleted
08:37:33,842 TRACE [org.jboss.security] (ServerService Thread Pool -- 74) PBOX00354: Setting security roles ThreadLocal: null
08:37:33,851 TRACE [org.jboss.security] (ServerService Thread Pool -- 76) PBOX00354: Setting security roles ThreadLocal: null
08:37:33,856 TRACE [org.jboss.security] (ServerService Thread Pool -- 76) PBOX00354: Setting security roles ThreadLocal: null
08:37:33,867 TRACE [org.jboss.security] (MSC service thread 1-2) PBOX00227: removeAppConfig(secureDomain)
08:37:33,869 TRACE [org.jboss.security] (ServerService Thread Pool -- 74) PBOX00354: Setting security roles ThreadLocal: null
08:37:33,908 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00227: removeAppConfig(other)
08:37:33,908 TRACE [org.jboss.security] (MSC service thread 1-1) PBOX00227: removeAppConfig(jboss-ejb-policy)
08:37:47,423 TRACE [org.jboss.security] (MSC service thread 1-6) PBOX00226: addAppConfig(dummy), AuthInfo: AppConfigurationEntry[]:
08:37:52,909 TRACE [org.jboss.security] (MSC service thread 1-4) PBOX00337: nextState for action getPolicyConfiguration: open
08:37:52,909 DEBUG [org.jboss.security] (MSC service thread 1-4) PBOX00307: Constructing JBossPolicyConfiguration with contextID simpeljdbcrealm-1.0-SNAPSHOT.war
08:37:52,911 TRACE [org.jboss.security] (MSC service thread 1-4) PBOX00337: nextState for action getPolicyConfiguration: open
08:37:52,918 TRACE [org.jboss.security] (MSC service thread 1-4) PBOX00314: commit, contextID: simpeljdbcrealm-1.0-SNAPSHOT.war
08:37:52,918 TRACE [org.jboss.security] (MSC service thread 1-4) PBOX00337: nextState for action commit: inService
08:37:53,703 TRACE [org.jboss.security] (MSC service thread 1-1) PBOX00337: nextState for action getPolicyConfiguration: open
08:37:53,703 DEBUG [org.jboss.security] (MSC service thread 1-1) PBOX00307: Constructing JBossPolicyConfiguration with contextID kitchensink.war
08:37:53,712 TRACE [org.jboss.security] (MSC service thread 1-1) PBOX00337: nextState for action getPolicyConfiguration: open
08:37:53,714 TRACE [org.jboss.security] (MSC service thread 1-1) PBOX00310: addToRole, permission: [MemberRegistration,role-ref=**]
08:37:53,716 TRACE [org.jboss.security] (MSC service thread 1-1) PBOX00337: nextState for action addToRole: open
08:37:53,717 TRACE [org.jboss.security] (MSC service thread 1-1) PBOX00314: commit, contextID: kitchensink.war
08:37:53,721 TRACE [org.jboss.security] (MSC service thread 1-1) PBOX00337: nextState for action commit: inService
08:37:58,946 TRACE [org.jboss.security] (ServerService Thread Pool -- 66) PBOX00354: Setting security roles ThreadLocal: null
08:37:58,952 TRACE [org.jboss.security] (ServerService Thread Pool -- 66) PBOX00354: Setting security roles ThreadLocal: null
08:37:58,960 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action getPolicyConfiguration: open
08:37:58,968 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00310: addToRole, permission: ("javax.security.jacc.WebResourcePermission" "/faces/admin/*")
08:37:58,968 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action addToRole: open
08:37:58,969 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00312: addToUncheckedPolicy, permission: ("javax.security.jacc.WebUserDataPermission" "/faces/admin/*")
08:37:58,976 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action addToUncheckedPolicy: open
08:37:58,980 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00312: addToUncheckedPolicy, permission: ("javax.security.jacc.WebUserDataPermission" "/faces/admin/*")
08:37:58,980 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action addToUncheckedPolicy: open
08:37:58,986 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00312: addToUncheckedPolicy, permission: ("javax.security.jacc.WebResourcePermission" "/faces/users/*")
08:37:58,986 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action addToUncheckedPolicy: open
08:37:58,987 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00312: addToUncheckedPolicy, permission: ("javax.security.jacc.WebResourcePermission" "/faces/users/*")
08:37:58,989 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action addToUncheckedPolicy: open
08:37:58,992 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00312: addToUncheckedPolicy, permission: ("javax.security.jacc.WebResourcePermission" "/faces/users/*")
08:37:58,997 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action addToUncheckedPolicy: open
08:37:58,998 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00312: addToUncheckedPolicy, permission: ("javax.security.jacc.WebResourcePermission" "/faces/users/*")
08:37:58,999 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action addToUncheckedPolicy: open
08:37:58,999 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00312: addToUncheckedPolicy, permission: ("javax.security.jacc.WebUserDataPermission" "/faces/users/*")
08:37:58,999 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action addToUncheckedPolicy: open
08:37:59,000 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00312: addToUncheckedPolicy, permission: ("javax.security.jacc.WebUserDataPermission" "/faces/users/*")
08:37:59,000 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action addToUncheckedPolicy: open
08:37:59,004 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00312: addToUncheckedPolicy, permission: ("javax.security.jacc.WebResourcePermission" "/:/faces/admin/*:/faces/users/*")
08:37:59,010 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action addToUncheckedPolicy: open
08:37:59,011 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00312: addToUncheckedPolicy, permission: ("javax.security.jacc.WebResourcePermission" "/:/faces/admin/*:/faces/users/*")
08:37:59,014 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action addToUncheckedPolicy: open
08:37:59,014 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00312: addToUncheckedPolicy, permission: ("javax.security.jacc.WebResourcePermission" "/:/faces/admin/*:/faces/users/*")
08:37:59,020 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action addToUncheckedPolicy: open
08:37:59,021 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00312: addToUncheckedPolicy, permission: ("javax.security.jacc.WebUserDataPermission" "/:/faces/admin/*:/faces/users/*")
08:37:59,021 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action addToUncheckedPolicy: open
08:37:59,022 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00312: addToUncheckedPolicy, permission: ("javax.security.jacc.WebUserDataPermission" "/:/faces/admin/*:/faces/users/*")
08:37:59,022 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action addToUncheckedPolicy: open
08:37:59,027 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00310: addToRole, permission: ("javax.security.jacc.WebRoleRefPermission" "Faces Servlet" "**")
08:37:59,033 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action addToRole: open
08:37:59,034 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00310: addToRole, permission: ("javax.security.jacc.WebRoleRefPermission" "Faces Servlet" "ADMIN")
08:37:59,036 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action addToRole: open
08:37:59,046 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00310: addToRole, permission: ("javax.security.jacc.WebRoleRefPermission" "" "**")
08:37:59,047 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action addToRole: open
08:37:59,049 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00310: addToRole, permission: ("javax.security.jacc.WebRoleRefPermission" "" "ADMIN")
08:37:59,051 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action addToRole: open
08:37:59,056 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00314: commit, contextID: simpeljdbcrealm-1.0-SNAPSHOT.war
08:37:59,058 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action commit: inService
08:38:00,471 TRACE [org.jboss.security] (ServerService Thread Pool -- 64) PBOX00354: Setting security roles ThreadLocal: null
08:38:01,078 TRACE [org.jboss.security] (ServerService Thread Pool -- 64) PBOX00354: Setting security roles ThreadLocal: null
08:38:01,081 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action getPolicyConfiguration: open
08:38:01,086 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00312: addToUncheckedPolicy, permission: ("javax.security.jacc.WebResourcePermission" "/")
08:38:01,087 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action addToUncheckedPolicy: open
08:38:01,088 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00312: addToUncheckedPolicy, permission: ("javax.security.jacc.WebResourcePermission" "/")
08:38:01,088 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action addToUncheckedPolicy: open
08:38:01,089 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00312: addToUncheckedPolicy, permission: ("javax.security.jacc.WebResourcePermission" "/")
08:38:01,092 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action addToUncheckedPolicy: open
08:38:01,097 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00312: addToUncheckedPolicy, permission: ("javax.security.jacc.WebUserDataPermission" "/")
08:38:01,098 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action addToUncheckedPolicy: open
08:38:01,098 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00312: addToUncheckedPolicy, permission: ("javax.security.jacc.WebUserDataPermission" "/")
08:38:01,100 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action addToUncheckedPolicy: open
08:38:01,101 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00310: addToRole, permission: ("javax.security.jacc.WebRoleRefPermission" "Faces Servlet" "**")
08:38:01,103 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action addToRole: open
08:38:01,104 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00310: addToRole, permission: ("javax.security.jacc.WebRoleRefPermission" "org.jboss.as.quickstarts.kitchensink.rest.JaxRsActivator" "**")
08:38:01,110 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action addToRole: open
08:38:01,111 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00310: addToRole, permission: ("javax.security.jacc.WebRoleRefPermission" "" "**")
08:38:01,113 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action addToRole: open
08:38:01,119 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00314: commit, contextID: kitchensink.war
08:38:01,120 TRACE [org.jboss.security] (MSC service thread 1-3) PBOX00337: nextState for action commit: inService
08:39:10,718 TRACE [org.jboss.security] (default task-1) PBOX00354: Setting security roles ThreadLocal: null
08:39:10,964 TRACE [org.jboss.security] (default task-1) PBOX00354: Setting security roles ThreadLocal: null
08:39:13,160 TRACE [org.jboss.security] (default task-1) PBOX00354: Setting security roles ThreadLocal: null
08:39:13,260 TRACE [org.jboss.security] (default task-2) PBOX00354: Setting security roles ThreadLocal: null
08:39:13,261 TRACE [org.jboss.security] (default task-3) PBOX00354: Setting security roles ThreadLocal: null
08:39:13,284 TRACE [org.jboss.security] (default task-4) PBOX00354: Setting security roles ThreadLocal: null
08:39:13,331 TRACE [org.jboss.security] (default task-1) PBOX00354: Setting security roles ThreadLocal: null
08:39:13,375 TRACE [org.jboss.security] (default task-5) PBOX00354: Setting security roles ThreadLocal: null
08:39:17,603 TRACE [org.jboss.security] (default task-5) PBOX00200: Begin isValid, principal: org.wildfly.extension.undertow.security.AccountImpl$AccountPrincipal@c0d93cdc, cache entry: null
08:39:17,605 TRACE [org.jboss.security] (default task-5) PBOX00209: defaultLogin, principal: org.wildfly.extension.undertow.security.AccountImpl$AccountPrincipal@c0d93cdc
08:39:17,616 TRACE [org.jboss.security] (default task-5) PBOX00221: Begin getAppConfigurationEntry(secureDomain), size: 6
08:39:17,618 TRACE [org.jboss.security] (default task-5) PBOX00224: End getAppConfigurationEntry(secureDomain), AuthInfo: AppConfigurationEntry[]:
LoginModule Class: org.jboss.security.auth.spi.DatabaseServerLoginModule
08:39:17,629 TRACE [org.jboss.security] (default task-5) PBOX00236: Begin initialize method
08:39:17,636 DEBUG [org.jboss.security] (default task-5) PBOX00281: Password hashing activated, algorithm: SHA-256, encoding: base64, charset: null, callback: null, storeCallBack: null
08:39:17,638 TRACE [org.jboss.security] (default task-5) PBOX00262: Module options [dsJndiName: java:jboss/datasources/DOICHDS, principalsQuery: select passwd from Users where username=?, rolesQuery: select role, 'Roles' from UserRoles where username=?, suspendResume: true]
08:39:17,648 TRACE [org.jboss.security] (default task-5) PBOX00240: Begin login method
08:39:17,670 TRACE [org.jboss.security] (default task-5) PBOX00263: Executing query select passwd from Users where username=? with username myfear
08:39:17,724 TRACE [org.jboss.security] (default task-5) PBOX00241: End login method, isValid: true
08:39:17,725 TRACE [org.jboss.security] (default task-5) PBOX00242: Begin commit method, overall result: true
08:39:17,728 TRACE [org.jboss.security] (default task-5) PBOX00263: Executing query select role, 'Roles' from UserRoles where username=? with username myfear
08:39:17,735 TRACE [org.jboss.security] (default task-5) PBOX00263: Executing query select role, 'Roles' from UserRoles where username=? with username myfear
08:39:17,776 TRACE [org.jboss.security] (default task-5) PBOX00210: defaultLogin, login context: javax.security.auth.login.LoginContext@59f877d, subject: Subject(745690868).principals=org.jboss.security.SimplePrincipal@1437571176(myfear)org.jboss.security.SimpleGroup@1704402987(Roles(members:ADMIN))org.jboss.security.SimpleGroup@1704402987(CallerPrincipal(members:myfear))
08:39:17,777 TRACE [org.jboss.security] (default task-5) PBOX00207: updateCache, input subject: Subject(745690868).principals=org.jboss.security.SimplePrincipal@1437571176(myfear)org.jboss.security.SimpleGroup@1704402987(Roles(members:ADMIN))org.jboss.security.SimpleGroup@1704402987(CallerPrincipal(members:myfear)), cached subject: Subject(882771324).principals=org.jboss.security.SimplePrincipal@1437571176(myfear)org.jboss.security.SimpleGroup@1704402987(Roles(members:ADMIN))org.jboss.security.SimpleGroup@1704402987(CallerPrincipal(members:myfear))
08:39:17,780 TRACE [org.jboss.security] (default task-5) PBOX00208: Inserted cache info: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo@4b02ffcf
08:39:17,785 TRACE [org.jboss.security] (default task-5) PBOX00201: End isValid, result = true
08:39:17,798 TRACE [org.jboss.security] (default task-5) PBOX00354: Setting security roles ThreadLocal: null
08:39:17,814 TRACE [org.jboss.security] (default task-5) PBOX00200: Begin isValid, principal: org.wildfly.extension.undertow.security.AccountImpl$AccountPrincipal@c0d93cdc, cache entry: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo@4b02ffcf
08:39:17,814 TRACE [org.jboss.security] (default task-5) PBOX00204: Begin validateCache, domainInfo: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo@4b02ffcf, credential class: class [C
08:39:17,815 TRACE [org.jboss.security] (default task-5) PBOX00205: End validateCache, result = true
08:39:17,817 TRACE [org.jboss.security] (default task-5) PBOX00201: End isValid, result = true
08:39:17,832 TRACE [org.jboss.security] (default task-5) PBOX00354: Setting security roles ThreadLocal: null
08:39:17,906 TRACE [org.jboss.security] (default task-5) PBOX00200: Begin isValid, principal: org.wildfly.extension.undertow.security.AccountImpl$AccountPrincipal@c0d93cdc, cache entry: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo@4b02ffcf
08:39:17,906 TRACE [org.jboss.security] (default task-5) PBOX00204: Begin validateCache, domainInfo: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo@4b02ffcf, credential class: class [C
08:39:17,910 TRACE [org.jboss.security] (default task-5) PBOX00205: End validateCache, result = true
08:39:17,916 TRACE [org.jboss.security] (default task-5) PBOX00201: End isValid, result = true
08:39:17,920 TRACE [org.jboss.security] (default task-5) PBOX00354: Setting security roles ThreadLocal: null
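
An added example (not from the original post): a small Python parser that correlates the PBOX00240, PBOX00263 and PBOX00241 lines of a trace like the one above, per thread, into login attempts. The names login_attempts and SAMPLE are this example's own; the "default task-6" lines are constructed, and an attempt with no PBOX00241 line keeps valid as None.

```python
import re

# Line shape taken from the trace above: time, level, category, (thread), code, message.
LINE = re.compile(
    r"^(?P<time>\d{2}:\d{2}:\d{2},\d{3}) (?P<level>[A-Z]+)\s+\[org\.jboss\.security\] "
    r"\((?P<thread>[^)]*)\) (?P<code>PBOX\d{5}): (?P<msg>.*)$"
)

# 'default task-5' lines are copied from the page; 'default task-6' lines are
# constructed for this example and deliberately have no PBOX00241 line.
SAMPLE = """\
08:39:17,648 TRACE [org.jboss.security] (default task-5) PBOX00240: Begin login method
08:39:17,660 TRACE [org.jboss.security] (default task-6) PBOX00240: Begin login method
08:39:17,670 TRACE [org.jboss.security] (default task-5) PBOX00263: Executing query select passwd from Users where username=? with username myfear
08:39:17,700 TRACE [org.jboss.security] (default task-6) PBOX00263: Executing query select passwd from Users where username=? with username guest
08:39:17,724 TRACE [org.jboss.security] (default task-5) PBOX00241: End login method, isValid: true
08:39:17,725 TRACE [org.jboss.security] (default task-5) PBOX00242: Begin commit method, overall result: true
08:39:17,728 TRACE [org.jboss.security] (default task-5) PBOX00263: Executing query select role, 'Roles' from UserRoles where username=? with username myfear
LoginModule Class: org.jboss.security.auth.spi.DatabaseServerLoginModule
"""


def login_attempts(lines):
    """Group events by thread: begin (PBOX00240), username (PBOX00263), end (PBOX00241)."""
    open_attempts = {}  # thread name -> attempt still between begin and end
    attempts = []
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue  # continuation lines such as "LoginModule Class: ..."
        thread, code, msg = m["thread"], m["code"], m["msg"]
        if code == "PBOX00240":
            attempt = {"time": m["time"], "thread": thread, "username": None, "valid": None}
            open_attempts[thread] = attempt
            attempts.append(attempt)
        elif code == "PBOX00263" and thread in open_attempts:
            # Only the principalsQuery runs inside login(); rolesQuery runs later in commit.
            current = open_attempts[thread]
            if current["username"] is None and " with username " in msg:
                current["username"] = msg.rsplit(" with username ", 1)[1]
        elif code == "PBOX00241" and thread in open_attempts:
            open_attempts.pop(thread)["valid"] = msg.endswith("isValid: true")
    return attempts


if __name__ == "__main__":
    for attempt in login_attempts(SAMPLE.splitlines()):
        print(attempt)
```

At TRACE level this logger records usernames and role memberships (PBOX00263, PBOX00210), so treat the output as sensitive and lower the level again once debugging is done.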







