|
|
|
Re: Security in Juno [message #894345 is a reply to message #894320] |
Sun, 08 July 2012 14:05 |
Eclipse User |
|
|
|
I tried the following setup with success:
- Person table on DB.
CREATE TABLE PERSON (
PERSON_NR DECIMAL NOT NULL,
NAME VARCHAR(128),
PRENAME VARCHAR(128),
BIRTHDAY DATE,
PASSWORD VARCHAR(128),
PRIMARY KEY (PERSON_NR)
);
- add DataSourceSecurityFilter to 'org.eclipse.db.testapp.server/plugin.xml'
<filter
aliases="/process"
class="org.eclipse.scout.http.servletfilter.security.DataSourceSecurityFilter"
ranking="40">
</filter>
- configuration of DataSourceSecurityFilter in 'org.eclipse.db.testapp.server/producs/development/config.ini'
org.eclipse.scout.http.servletfilter.security.DataSourceSecurityFilter#active=true
org.eclipse.scout.http.servletfilter.security.DataSourceSecurityFilter#realm=TEST APPLICATION
org.eclipse.scout.http.servletfilter.security.DataSourceSecurityFilter#jdbcDriverName=org.apache.derby.jdbc.EmbeddedDriver
org.eclipse.scout.http.servletfilter.security.DataSourceSecurityFilter#jdbcMappingName=jdbc:derby:D:/Temp/max24h/scoutJuno/derbyDb
org.eclipse.scout.http.servletfilter.security.DataSourceSecurityFilter#jdbcUsername=
org.eclipse.scout.http.servletfilter.security.DataSourceSecurityFilter#jdbcPassword=
org.eclipse.scout.http.servletfilter.security.DataSourceSecurityFilter#selectUserPass=SELECT LOWER(NAME) FROM PERSON WHERE LOWER(NAME)=? AND PASSWORD=?
Ensure to have no white spaces at the end of the parameters and set all other security filters to active=false.
- ensure the bundle 'org.eclipse.scout.http.servletfilter' is added as requred bundle in the product file.
If you are still in troubles let us know your configuration and stack traces.
-andreas
|
|
|
|
Re: Security in Juno [message #894454 is a reply to message #894410] |
Mon, 09 July 2012 09:45 |
Eclipse User |
|
|
|
@J.Br.
Thank you for the wiki update.
The 'DataSourceSecurityFilter' does a Base64 encryption in its default negotiate implementation (see 'DataSourceSecurityFilter.negotiate' and 'DataSourceSecurityFilter.encryptPass'). So the expected password in the database is also Base64 encrypted. To change this behavior change one or the other implementation of the two methods in a subclass of DataSourceSecurityFilter.
-andreas
|
|
|
|
|
|
|
Powered by
FUDForum. Page generated in 0.04104 seconds