13 Replies Latest reply on Oct 16, 2001 4:54 AM by patrickvankann

    JBoss-Tomcat JASS - env not bound

    gzugic

      I have difficulties trying to resolve my JBoss-Tomcat JASS "env not bound" problem. My environment is:

      Jboss2.2.2-Tomcat3.2.2
      Oracle RDBMS 8.1.7

      I am trying to test basic and form based authentication on my application. I am using DatabaseServerLoginModule with Principals and Roles tables created in an Oracle database. My user is "test" with "TestAdministrator" role and group Roles. This information is inserted in Principals and Roles tables. I also added <security-domain> to jboss.xml and jboss-web.xml as

      <security-domain>java:/jass/test</security-domain>

      My auth.conf file in ${jboss.dist}/conf/tomcat/auth.con looks like this:

      test {
      org.jboss.security.auth.spi.DatabaseServerLoginModule required
      dsJndiName="java:/DefaultDS"
      principalsQeuery="select Password from Principals where PrincipalID=?"
      rolesQuery="select Role, RoleGroup, from Roles where principalID=?"
      ;
      }

      DefaultDS is Oracle and it is defined in ${jboss.dist}/conf/tomcat/jboss.jcml:

      ...

      DefaultDS
      org.opentools.minerva.jdbc.xa.wrapper.XADataSourceImpl

      jdbc:oracle:thin:@localhost:1521:testdb
      1200000
      test
      50
      test
      false
      false
      false
      true
      120000
      1800000
      false
      false
      1.0
      10

      ...

      web.xml security part is
      ...
      <security-role>
      <role-name>TestAdministrator</role-name>
      </security-role>

      <!--
      <login-config>
      <auth-method>FORM</auth-method>
      <form-login-config>
      <form-login-page>/login.html</form-login-page>
      <form-error-page>/login.html</form-error-page>
      </form-login-config>
      </login-config>
      -->

      <login-config>
      <auth-method>BASIC</auth-method>
      <realm-name>Security test</realm-name>
      </login-config>

      <security-constraint>
      <web-resource-collection>
      <web-resource-name>Restricted</web-resource-name>
      <url-pattern>/index.html</url-pattern>
      </web-resource-collection>
      <auth-constraint>
      <role-name>TestAdministrator</role-name>
      </auth-constraint>
      <user-data-constraint>
      no description
      <transport-guarantee>NONE</transport-guarantee>
      </user-data-constraint>
      </security-constraint>

      When I try to login as user "test" JBoss gives me this error all the time:

      [EmbeddedTomcatSX]Error during authentication
      [EmbeddedTomcatSX]javax.naming.NameNotFoundException: env not bound

      Could you please help me to resolve this problem. I obviously missing something in JBoss-JASS configuration.

      Thanks,
      Goran Zugic

        • 1. Re: JBoss-Tomcat JASS - env not bound
          dhinojosa

          Did you find anything on your console that says that java:/DefaultDS was successfully bound?

          • 2. Re: JBoss-Tomcat JASS - env not bound
            gzugic

            Yes, I see the following message on my console:

            [DefaultDS] Starting
            [DefaultDS] XA Connection pool DefaultDS bound to java:/DefaultDS
            [DefaultDS] Started

            /Goran

            • 3. Re: JBoss-Tomcat JASS - env not bound
              dhinojosa

              Well, I do have some suggestions:

              Replace everything that says JASS with JAAS (Java Authentication Authorization Service). This includes the web.xml and jboss-web.xml with <security-domain>java:/jaas/test</security-domain>

              The other thing is the Principals Query in the auth.conf is misspelled it needs to be:

              test {
              org.jboss.security.auth.spi.DatabaseServerLoginModule required
              dsJndiName="java:/DefaultDS"
              principalsQuery="select Password from Principals where PrincipalID=?"
              rolesQuery="select Role, RoleGroup, from Roles where principalID=?"
              ;
              }



              Give those suggestions a try. : )

              Danno

              • 4. Re: JBoss-Tomcat JASS - env not bound
                gzugic

                Danno:

                I misspelled them in the message. I have JAAS and principalsQuery in the configuration files. Sorry for this confusion. Next time I'll do "cut and paste".

                Thanks,
                Goran

                • 5. Re: JBoss-Tomcat JASS - env not bound
                  davidnash

                  Goran,

                  Where are you putting jboss-web.xml? In my experience I have found that it needs to be in a .war file which is then jarred up to an .ear file in order for jBoss to see it.

                  -David

                  • 6. Re: JBoss-Tomcat JASS - env not bound
                    gzugic

                    David:

                    I am doing exactly what you explained. My jboss-web.xml is in my app web.war under WEB-INF that is jarred up to my app .ear file. My app has EJBs/JSPs/Servlets running fine in JBoss-Tomcat environment. However, I am getting "env not bound"
                    error when I try to add security the way I explained in my first message.

                    Thanks,
                    Goran

                    • 7. Re: JBoss-Tomcat JASS - env not bound
                      davidnash

                      Goran,

                      I am assuming your jboss-web.xml file looks something like this:

                      <?xml version="1.0" encoding="UTF-8"?>

                      <jboss-web>
                      <!-- All secured web content uses this security manager -->
                      <security-domain>java:/jaas/pdmsbuilds</security-domain>
                      </jboss-web>


                      When you put your ear file in the deploy directory, does your log show that the security manager is being linked to a JNDI name, as in the Linking Security line below?

                      [Container factory] Deployed application: file:/jboss/sftw/JBoss-2.2.2_Tomcat-3.2.2/jboss/
                      tmp/deploy/Default/pdmsbuilds.ear
                      [J2EE Deployer Default] Starting module pdmsbuilds.war
                      [Auto deploy] deploy, ctxPath=/pdmsbuilds, warUrl=file:/jboss/sftw/JBoss-2.2.2_Tomcat-3.2.
                      2/jboss/tmp/deploy/Default/pdmsbuilds.ear/web1001/
                      [Auto deploy] AbstractWebContainer.parseWebAppDescriptors, Begin
                      [Auto deploy] addEnvEntries
                      [Auto deploy] linkResourceRefs
                      [Auto deploy] linkEjbRefs
                      [Auto deploy] linkSecurityDomain
                      [Auto deploy] Linking security/securityMgr to JNDI name: java:/jaas/pdmsbuilds
                      [Auto deploy] AbstractWebContainer.parseWebAppDescriptors, End
                      [Auto deploy] Initialized: {WebApplication:/jboss/sftw/JBoss-2.2.2_Tomcat-3.2.2/jboss/tmp
                      /deploy/Default/pdmsbuilds.ear/web1001/, URL: file:/jboss/sftw/JBoss-2.2.2_Tomcat-3.2.2/jboss/tmp/deploy/Default/pdmsbuilds.ear/web1001/, classLoader: AdaptiveClassLoader( ):7890174}
                      [J2EE Deployer Default] J2EE application:file:/jboss/sftw/JBoss-2.2.2_Tomcat-3.2.2/jboss/
                      deploy/pdmsbuilds.ear is deployed.

                      -David

                      • 8. Re: JBoss-Tomcat JASS - env not bound
                        gzugic

                        David:

                        I just found out that <context-root> had no value in my application.xml file. I added it and security works now. My application.xml looks like this:

                        <?xml version="1.0" encoding="UTF-8"?>


                        <display-name>Test</display-name>

                        test.jar



                        <web-uri>test.war</web-uri>
                        <context-root>/test</context-root>




                        Thank you very much for your time!

                        Goran

                        • 9. Re: JBoss-Tomcat JASS - env not bound
                          dosten

                          I am having the same problem and can't seem to get it to work. I really don't want to Jar/EAR my app up.
                          Must you have your web app in an EAR file in /deply?
                          Or can you just leave them in /webapps/.

                          • 10. Re: JBoss-Tomcat JASS - env not bound
                            dosten

                            I got my ear'ed up but not I get this error when accessing a protected area of the web site:

                            java.lang.SecurityException: Configuration Error:
                            Line 5: expected 'controlFlag', found 'null'
                            at com.sun.security.auth.login.ConfigFile.getAppConfigurationEntry(ConfigFile.java:221)


                            this is my auth.conf
                            // Put login modules providing authentication and realm mappings
                            // for security domains.

                            test {
                            org.jboss.security.auth.spi.DatabaseServerLoginModule required;
                            dsJndiName="java:/DefaultDS"
                            principalsQuery="select Password from Principals where PrincipalID=?"
                            rolesQuery="select Role, RoleGroup from Roles where PrincipalID=?"
                            };

                            Any ideas,
                            Thanks in advance,
                            Darren

                            • 11. Re: JBoss-Tomcat JASS - env not bound
                              gzugic

                              Darren:

                              Remove semicolon (;) at the end of the following line in your auth.conf:

                              org.jboss.security.auth.spi.DatabaseServerLoginModule required;

                              /Goran

                              • 12. Re: JBoss-Tomcat JASS - env not bound
                                gzugic

                                Also add a semicolon after the last line:

                                ...
                                rolesQuery="select Role, RoleGroup from Roles where PrincipalID=?"
                                ;
                                };

                                • 13. Re: JBoss-Tomcat JASS - env not bound
                                  patrickvankann

                                  Did you ever figure out how to get servlets working under JBoss without sticking it all in an EAR? I've followed the "External" instructions in
                                  http://www.jboss.org/documentation/HTML/ch07s22.html but get "env not bound" exception in the InterestServlet example when I try and deploy the WAR in tomcat/webapps and the EJBs (in a JAR) in jboss/deploy. I checked http://localhost:8082 and the EJB in question is bound to JNDI correctly (interest/Interest).

                                  I use the URL jnp://localhost:1099/interest/Interest in jboss-web.xml (for example).

                                  Thanks in advance.

                                  Patrick