JDBC Realm Authentication Sample Application |
JDBC Realm Authentication Sample Application
This document describes how to utilize the JDBC Realm Authentication sample application in conjunction with Application Server.This sample application document contains the following sections:
Overview
Compiling and Assembling the Sample Application
Deploying the Sample Application
Overview
The JDBC Realm Authentication sample application is a collection of simple applications that demonstrate the basic security mechanism in the Application Server. Assembling this application and deploying it to the Application Server introduces you to the Application Server Administration Tool.The following instructions describe how to manually deploy the application. You may want to experiment by modifying and redeploying the sample.
Precompilation Tasks
Before you begin to compile and deploy the code, there are some housekeeping tasks that need to be done.
Startup the PointBase database server.
Make sure the PUBLIC.user_tbl exists and there are users in the PUBLIC.user_tbl.
- Go to the <install_root>/pointbase/server directory and run the StartServer.sh script.
- The default admin username and password are security/security.
Add the following line to the login.conf in the <install_root>/domains/domain1/config/login.conf:
Connect to the adminserver and select the instance of the appserver where you want the jdbcsecurity app deployed.
- jdbcRealm { samples.security.jdbcrealm.JDBCLoginModule required };
From the left hand side column select Security --> Realms
Click on Security on the Left Hand Side Column.
Cick on jdbc on the left hand column under Security --> Realms --> jdbc
- You should see Security pane on the Right Hand side.
- Select the Default Realm as jdbc.
name = dbusername
value=security
name = dbpasswd
value=security
name = userpasswdcol
value=passwd
name = usergroupcol
value=groups
name = jaas-context
value=jdbcRealm
To connect to pointbase database add:
Or, to connect to oracle database add
name = usernamecol
value=userid
name = usertable
value=user_tbl
name = dbdrivername
value=oracle.jdbc.driver.OracleDriver
name = dburl
value=jdbc:oracle:thin:@<server>:<port>:<SID>
If you want to run the sample on Oracle database, create the user/password as security/security using the scripts mentioned in this document. Once the username is created you have manually create the user_tbl and insert the data in the table using sqlplus. To do this, use the following script: <install_root>/samples/security/realms/apps/rdbms/setup/sql/dbscript-ora.sql.
Note: You need to ensure that the jdbcsecurity.jar file which contains the JDBCRealm.class in added to classpath-suffix element of <install-root>/domains/domain1/domain.xml file.
You can copy file <install_root>/samples/security/realms/apps/rbdms/build/assemble/jar/jdbcsecurity.jar to <install_root>/domains/domain1/lib/ directory after jdbcsecurity.jar built via asant core (See compiling section). The domain.xml file should look like this when you are done with your edits to add jdbcsecurity.jar to the server's classapth:<java-config classpath-suffix="${com.sun.aas.installRoot}/pointbase/lib/pbclient.jar ${path.separator}${com.sun.aas.installRoot}/pointbase/lib/pbembedded.jar ${path.separator}${com.sun.aas.javaRoot}/domains/domain1/lib/jdbcsecurity.jar" debug-enabled="false" debug-options="-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=1044" env-classpath-ignored="true" java-home="${com.sun.aas.javaRoot}" javac-options="-g" rmic-options="-iiop -poa -alwaysgenerate -keepgenerated -g" server-classpath="${com.sun.aas.javaRoot}/lib/tools.jar ${path.separator}${com.sun.aas.installRoot}/lib/install/applications/jmsra/imqjmsra.jar ${path.separator}${com.sun.aas.imqLib}/jaxm-api.jar ${path.separator}${com.sun.aas.imqLib}/fscontext.jar ${path.separator}${com.sun.aas.installRoot}/lib/ant/lib/ant.jar ${path.separator}/usr/lib/audit/Audit.jar">
You must now restart the server for these changes to take effect.
Execute:
- <install_root>/bin/asadmin stop-domain <domain_name>
- <install_root>/bin/asadmin start-domain <domain_name>
Compiling and Assembling the Sample Application
This section contains instructions to build and assemble the sample application using a Command Line Interface (CLI).To rebuild the entire application from scratch, follow these steps:
Before compiling the source under
<install_root>/samples/webapps/security/apps/basic-auth/
you need to change the file
<install_root>/samples/webapps/security/apps/basic-auth/web/WEB-INF/web.xml
from this code:<realm-name>default</realm-name>to contain this:<realm-name>jdbc</realm-name>Note: if you were to use Form-Auth as your testing sample, then change file
<install_root>/samples/webapps/security/form-auth/web/WEB-INF/web.xml:
from this code:<realm-name>basic-file</realm-name>to contain this:<realm-name>jdbc</realm-name>Now you are ready to begin compiling the sample application.Compile and Assemble the JDBC and Web Application. For example:
You are now ready to use this ear file for deployment.
Execute asant under <install_root>/samples/security/realms/apps/rdbms/
If you haven't already done so, ensure that the jdbcsecurity.jar file has been added to the server's classpath. To do this, follow these steps here.
Note:This generates jdbcsecurity.jar file under directory build/assemble/war/, and if you haven't done so already, you need to copy this to <install_root>/domains/domain1/lib/ directory, as noted here.
- <install_root>/samples/webapps/security/apps/basic-auth/
Clean the web application project area. For example:
- Once you have re-created the sample application from scratch proceed to Deploying the Sample Application.
- Execute asant clean
- This will remove the sample application assemble and build directories.
Deploying the Sample Application
In this section, you will learn how to deploy the JDBC Realm Authentication sample application.Select one of the following approaches to deploying the application:
Command Line-based Deployment describes how to manually register the application in Application Server using a Command Line Interface (CLI). This is the fastest means of deploying the sample application.
GUI-based Deployment describes how to use the Application Server Admin GUI to import and deploy the sample application.
Command Line-based Deployment
The fastest means of setting up the application is to use the command line utilities as described in this section.The WebBasicApp.ear file is an Enterprise Archive file that contains Web Archive (WAR) file of the application. Within the WAR file resides the XML deployment descriptor files, application class files, JSPs and other content required by the application.
Deploying the WebBasicApp.ear file is simple. Deploy either by Using the asant script or by Using the asadmin command.
Go to the basic-auth directory of the sample. For example:
Run asant using deploy task. For example:
- <install_root>/samples/webapps/security/apps/basic-auth
- %asant deploy
Go to the root of the sample directory. For example:
The deployment process involves the following operations:
Execute asadmin to deploy application to the local application server instance. For example:
- <install_root>/samples/webapps/security/apps/basic-auth
- asadmin deploy -u <user-name> -w <password> -H <hostname> -p <admin server port> WebBasicApp.ear
Authenticates against the local application server's administrative server
If you would like to verify the registration of the application, you may proceed to Verifying Deployment. Otherwise, proceed to Running the Sample Application.The EAR file is transferred to the administrative server
The administrative server begins the registration process:
GUI-based Deployment
Since a pre-built Enterprise Archive (EAR) file for the sample application is included with the application server, you can use the Application Server Administration Tool to quickly read in the .ear file and deploy it to the application server.To deploy the EAR file, follow these steps:
Open the pre-existing sample EAR file.
If the deployment goes through fine, you will see the original pane with WebBasicAuth application as deployed. In the startup dialog, select Browse for more applications to find the WebBasicApp.ear file.Start the admin server if not already started. For example, in UNIX, execute the following: <install_dir>/bin/start-domain domain1
Navigate to the browser based admin server page [http://<server-host>:<admin-port>/admingui].
Enter your <username> and <password> to access the admin server.
Click on Application Server>Applications>Enterprise Applications
In the right hand pane, click on Deploy to deploy an application.
You will be asked for the application name.
- Choose the file (from disk) to be deployed (WebBasicApp.ear) and Click OK.
- Enter WebBasicApp and Click OK.
Generating Javadocs
To better understand sample application source code, you may refer to the related javadocs. To generate javadocs run one of the following commands:After javadocs have been generated, you can access them at <install_dir>/samples/security/realms/apps/rdbms/javadocs/index.html
Verifying Deployment
As an optional step, you can use the Application Server Administration Tool to verify that the application has been registered. Otherwise, proceed directly to Running the Sample Application.To verify the registration of the application, follow these steps:
Execute the command asadmin list-components to look at applications deployed with a server instance. For example:
Alternately, you may navigate the Admin tool GUI to the following:
- asadmin list-components -u <username> -w <password> -H <host> -p <admin-port>
- You will see WebBasicAuth listed.
On the left frame, Click on Enterprise Apps to display list of applications deployed on server.
- Application Server>Applications.
- You will see WebBasicAuth listed.
Running the Sample Application
You can run the application through the following URL: http://<hostname>:<port>/basic/index.jspLog on as "j2ee" with password "secret".
If you run the sample app more than once make sure you close all the instances of the browser so that the session information is not stored. Otherwise, it will not prompt you for the usename and password. Make sure you close your email sessions as well, so that all stored session information is destroyed.
Although the war, ear, context-root and servlet alias names in this sample are all "WebBasicApp", it is not necessary that it be so. The application will work as expected if the names of each of these attributes is unique. Rebuild the app after changing the context-root (in application.xml), the servlet alias (in web.xml) and the war and ear names (in the Ant build.xml), redeploy and test the sample to confirm this.
If you encounter problems when running the application, review the log files at <install-root>/domains/domain1/logs/server.log to learn what exactly went wrong.
If you encounter problems in server.log similar to this when running the application:
[#|2004-06-13T15:41:41.195-0400|WARNING|sun-appserver-pe8.1|javax.enterprise.sys tem.core.security|_ThreadID=10;|SEC1000: Caught exception. com.sun.enterprise.security.auth.realm.BadRealmException: java.lang.ClassNotFoun dException: samples.security.jdbcrealm.JDBCRealm at com.sun.enterprise.security.auth.realm.Realm.doInstantiate(Realm.java :203)You need to ensure that the jdbcsecurity.jar file which contains the JDBCRealm.class in added to classpath-suffix element of <install-root>/domains/domain1/domain.xml file. See here for how to fix this problem.
Copyright © 2004 Sun Microsystems, Inc. All rights reserved.
Last Updated June 14, 2004