-
1. Re: Login keeps failing
Not much help are you?.....
I don't think the database is being queried. I re-started mySQL with the -log option, and some manual queries appeared in it, but the queries I would expect from JBoss didn't arrive.
JBoss's console log outputs:
[INFO,mySQL] No transaction right now.
Whenever I try to log in. It looks like the datasource isn't allowing the DatabaseServerLoginModule to perform the query.
Any ideas why? -
2. Re: Login keeps failing
> How can I get more logging info out of JAAS, or the
> DatabaseServerLoginModule?
JAAS doesn't have any logging stuff.
For the DatabaseServerLoginModule, have you tried setting your log4j log-level to DEBUG ? What messages does it log ? You say the login failed, but what are the messages you're getting that indicate this ?
Note that if you're stuck you can of course always add your own debug statements into DatabaseServerLoginModule.java to trace what is happening. -
3. Re: Login keeps failing
Thanks for that! I changed the logging level to DEBUG.Now it tells me:
[INFO,mySQL] No transaction right now.
[DEBUG,Portal] Login failure
javax.security.auth.login.FailedLoginException: No matching username found in Principals
at org.jboss.security.auth.spi.DatabaseServerLoginModule.getUsersPassword(DatabaseServerLoginModule.java:97)
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:145)
at java.lang.reflect.Method.invoke(Native Method)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:595)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:125)
at javax.security.auth.login.LoginContext$3.run(LoginContext.java:531)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:528)
at javax.security.auth.login.LoginContext.login(LoginContext.java:449)
at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:394)
at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:361)
at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:217)
at org.jboss.web.catalina.security.JBossSecurityMgrRealm.authenticate(JBossSecurityMgrRealm.java:253)
at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:263)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:459)
at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)
at org.apache.catalina.valves.CertificatesValve.invoke(CertificatesValve.java:246)
at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2344)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:164)
at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:566)
at org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:170)
at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:170)
at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:163)
at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:566)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at org.apache.catalina.connector.http.HttpProcessor.process(HttpProcessor.java:1011)
at org.apache.catalina.connector.http.HttpProcessor.run(HttpProcessor.java:1106)
at java.lang.Thread.run(Unknown Source)
I have typed in a valid user name. The data is there in mySQL:
mysql> select users.handle, password, userroles.role, userroles.rolegroup
from users, userroles
where users.handle="fred" and userroles.handle="fred";
+--------+----------+---------+-----------+
| handle | password | role | rolegroup |
+--------+----------+---------+-----------+
| fred | fred | manager | manager |
+--------+----------+---------+-----------+
Still no queries arriving in the mySQL log file! It is not contacting the database server, but still complaining that the username is not found!
PS: I don't have the source to manually debug the DatabaseServerLoginModule. -
4. Re: Login keeps failing
Well, I decompiled DatabaseServerLoginModule, and added a log message in when it prepared its SQL.
The username which it is using in its PreparedStatement is null!
My login form is right:
<FORM method=post action=j_security_check>
<TABLE cellPadding=14 align=center border=2 summary="Logon">
User
<INPUT type=text name=j_username/>
Password
<INPUT type=password name=j_password/>
<INPUT type=submit src="" value="Logon"/>
The password is set in the superclass, UsernamePasswordLoginModule, and the decompiler hangs when I try to decompile that.
How come I have what looks like a blatant BUG in a commonly used feature? This make me think I MUST be doing something wrong! -
5. Re: Login keeps failing
Sorry, I don't know about the login form (I use a custom form).
But at least you know how where your problem is located, there are other postings on the subject of login form.
By the way, you can download the source bundle of JBoss, and build it using "ant". Then it's easier to introspect any part of JBoss at any time.
(Hey it's open source, let's take advantage of that, don't need to decompile the stuff like in other products ;) ) -
6. Re: Login keeps failing
Looking more deeply, the Map sharedState passed into DatabaseServerLoginModule.initialize() does not contain the key:
"javax.security.auth.login.name"
which is how it finds the username.
There is a bug further down.