5 Replies Latest reply on Sep 12, 2001 4:18 AM by jochenriekhof

    Why is auth.conf-other always called

    jochenriekhof
    jochenriekhof Sep 5, 2001 1:50 PM

      I now continued trying to activate DatabaseServerLoginModule authentication. Only after I built my own LoginModule based on the above with additional debug output I figured out that the "other"-config-section is performed in ADDITION to my own one. This means, of course, that authentication always fails. I removed some old users/roles.properties from my deploy.jar and - JBoss UsersRolesLoginModule even crashed with "file not found". Now I brute-force replaced the other entry content with my login-config and it works (my module is called twice this way, though). Can anybody explain this? Or is this a bug?

      • 14720 Views
      • Tags:
        • 1. Re: Why is auth.conf-other always called
          kashpaw
          kashpaw Sep 5, 2001 5:14 PM (in response to jochenriekhof)

          U probably have a typ0 somewhere. R u specifying the security domain string properly in the LoginContext constructor? Does that string match what you specified in the security-domain tag in the jboss.xml?

            • Actions
          • 2. Re: Why is auth.conf-other always called
            starksm64
            starksm64 Sep 6, 2001 1:32 AM (in response to jochenriekhof)

            The other configuration is not performed in addition, it is performed when the name passed to the LoginContext does not match any other configuration entry.

              • Actions
            • 3. Re: Why is auth.conf-other always called
              jochenriekhof
              jochenriekhof Sep 6, 2001 12:04 PM (in response to jochenriekhof)

              Hmmm, the tag in the config "myentry" is identical to the one in jboss.xml (<security-domain>java:/jaas/myentry</security-domain>). The Client-side name "myentry" passed to LoginContext should not matter, but it is the same, too. Also, as I described, the DatabaseServerLoginModule (which is configured ONLY in my config) IS called, (so the name is found) as I get the debug info in jboss-console. But after this the "other"-Config with it's UsersRolesLoginModule is called IN ADDITION, this one fails and so the overall authentication fails. Weird?!

                • Actions
              • 4. Re: Why is auth.conf-other always called
                starksm64
                starksm64 Sep 8, 2001 10:39 AM (in response to jochenriekhof)

                Then post your auth.conf

                  • Actions
                • 5. Re: Why is auth.conf-other always called
                  jochenriekhof
                  jochenriekhof Sep 12, 2001 4:18 AM (in response to jochenriekhof)

                  Here is my auth.conf: (removed comments)
                  simple {
                  org.jboss.security.auth.spi.SimpleServerLoginModule required;
                  };

                  client-login {
                  org.jboss.security.ClientLoginModule required;
                  };

                  myentry {
                  org.jboss.security.auth.spi.DatabaseServerLoginModule required
                  dsJndiName="java:/OraConn"
                  principalsQuery="select Password from Principals where PrincipalID=?"
                  rolesQuery="select Role, RoleGroup from Roles where PrincipalID=?"
                  ;
                  };

                  other {
                  org.jboss.security.auth.spi.UsersRolesLoginModule required;
                  };

                    • Actions