2 Replies Latest reply on Apr 10, 2002 4:25 PM by elkner

    3.0.0b2 auth.conf SecurityException: Config Error

    elkner
    elkner Apr 9, 2002 12:16 AM

      Hi,

      I started using JBoss 3.0.0beta2 + j2sdk1.4.0. When I use the default auth.config, I always get many:

      java.lang.SecurityException: Configuration Error:
      Line 60: system property [] expanded to empty value
      at com.sun.security.auth.login.ConfigFile.(ConfigFile.java:97)
      ...


      When setting a passwd value in the DefaultDbRealm, it starts up without any problem.

      DefaultDbRealm {
      //
      // Security domain for new jca framework.
      // One per ManagedConnectionFactory are required.
      org.jboss.resource.security.ConfiguredIdentityLoginModule required
      principal="sa"
      userName="sa"
      password=""
      managedConnectionFactoryName="jboss.jca:service=LocalTxCM"
      ;
      };


      OK - setting a password is not a problem, but when I want to deploy the documentation-example cd.jar (see ch05s09.html), I get the following error:

      06:09:49,393 INFO [MainDeployer] Starting deployment of package: file:/opt/jboss-3.0.0beta2/server/default/deploy/cd.jar
      06:09:50,818 INFO [EjbModule] Creating
      06:09:51,023 INFO [EjbModule] Deploying CDBean
      06:09:54,315 INFO [EjbModule] Deploying CDCollectionBean
      06:09:56,472 INFO [ConfiguredIdentityLoginModule] got principal: sa, username: sa, password: sa, mcfname: jboss.jca:service=LocalTxCM
      06:09:56,473 INFO [ConfiguredIdentityLoginModule] login called
      06:09:56,627 INFO [ConfiguredIdentityLoginModule] getIdentity called
      06:09:56,629 INFO [ConfiguredIdentityLoginModule] getRoleSets called
      06:09:56,969 ERROR [EntityContainer] Exception in service lifecyle operation: create
      java.sql.SQLException: Unable to get Connection: javax.resource.ResourceException: Unable to create DB connection for url: jdbc:hsqldb:hsql://localhost:1476, user: sa, exception: java.sql.SQLException: is denied
      at org.jboss.resource.adapter.jdbc.JDBCDataSource.getConnection(JDBCDataSource.java:114)
      ...

      Any hints, how to fix it?


      PS: Probably unrelated: I´m using Linux 2.4.18-xfs

      • 3139 Views
      • Tags:
        • 1. Re: 3.0.0b2 auth.conf SecurityException: Config Error
          davidjencks
          davidjencks Apr 9, 2002 8:42 PM (in response to elkner)

          hsqldb has UserName="sa", Password="" by default. Password="sa" doesn't work. I don't have jdk 1.4 yet, I don't understand exactly what the problem with the default auth.conf is. Could you explain in more detail?

            • Actions
          • 2. Re: 3.0.0b2 auth.conf SecurityException: Config Error
            elkner
            elkner Apr 10, 2002 4:25 PM (in response to elkner)

            Hi David,

            the problem is: having the password set to "", I get a lot
            of security exceptions when starting jboss:

            21:52:41,243 INFO [SecurityConfig] Starting
            21:52:41,351 ERROR [SecurityConfig] Starting failed
            java.lang.SecurityException: Configuration Error:
            Line 60: system property [] expanded to empty value
            at com.sun.security.auth.login.ConfigFile.(ConfigFile.java:97)
            at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
            ...

            21:52:41,396 ERROR [SARDeployer] start operation failed on package file:/opt/jboss-3.0.0beta2/server/default/conf/jboss-service.xml
            java.lang.SecurityException: Configuration Error:
            Line 60: system property [] expanded to empty value
            at com.sun.security.auth.login.ConfigFile.(ConfigFile.java:97)
            at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
            ...

            21:52:41,699 ERROR [MainDeployer] could not start deployment :file:/opt/jboss-3.0.0beta2/server/default/conf/jboss-service.xml
            org.jboss.deployment.DeploymentException: Configuration Error:
            Line 60: system property [] expanded to empty value; - nested throwable is: java.lang.SecurityException: Configuration Error:
            Line 60: system property [] expanded to empty value
            java.lang.SecurityException: Configuration Error:
            Line 60: system property [] expanded to empty value
            at com.sun.security.auth.login.ConfigFile.(ConfigFile.java:97)
            at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
            ...

            21:52:41,757 ERROR [MainDeployer] Couldn't deploy URL file:/opt/jboss-3.0.0beta2/server/default/conf/jboss-service.xml
            org.jboss.deployment.DeploymentException: Configuration Error:
            Line 60: system property [] expanded to empty value; - nested throwable is: java.lang.SecurityException: Configuration Error:
            Line 60: system property [] expanded to empty value
            java.lang.SecurityException: Configuration Error:
            Line 60: system property [] expanded to empty value
            at com.sun.security.auth.login.ConfigFile.(ConfigFile.java:97)
            at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
            ...

            So JBoss suffer an IOException, "because an empty password is not allowed anymore".

            Since you said, hsqldb has UserName="sa", Password="" by default, I assume, their is a way to change the default
            password to a non-empty value and JBoss will probably work. Have you a hint, how to do that?

            I know, this would be only a workaround. I guess, this is really a JBoss Bug, because JBoss probably assumes, that getProperty(key) always returns a non-null value ...


            Regards,
            jens.

              • Actions