problems with multiple login modules
dagkilsk Jul 10, 2002 10:52 AM
Hi all.
I have problems combining 2 login modules. First I wrote 2 custom login
modules which individually work fine. But when I combine them like this:
<application-policy name = "connectClientDomain">
<authentication>
<login-module code = "no.boostcom.security.MedlemsregisterLoginModule"
flag = "sufficient">
<module-option name "unauthenticatedIdentity">anybody</module-option>
</login-module>
<login-module code = "no.boostcom.security.AdminLoginModule"
flag = "required">
<module-option name = "unauthenticatedIdentity">anybody</module-option>
</login-module>
</authentication>
</application-policy>
They suddenly do not work. Which I found very strange. I tried sevral
combinations of login-module flags like (optional, optional), (sufficient,
required), (sufficient, optional), (sufficient, sufficient) and so on without
any visible effect. Next I tried switching login modules from my custom login
modules to trivial UsersRolesLoginModules, which also work fine individually
but combined they still fail if one of them fails no matter how you set the
flags. I've also tried switching VM from sun's 1.4.0 to IBM1.3 but the result
is still the same:
2002-07-10 15:25:31,875 DEBUG [org.jboss.ha.jndi.HAJNDI] lookupLocally
2002-07-10 15:25:32,333 DEBUG
[org.jboss.security.auth.spi.UsersRolesLoginModule] Bad password for
username=daniel
2002-07-10 15:25:32,388 DEBUG
[org.jboss.security.plugins.JaasSecurityManager.connectClientDomain] Login
failure
javax.security.auth.login.FailedLoginException: Password Incorrect/Password
Required
at
org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:146)
at
org.jboss.security.auth.spi.UsersRolesLoginModule.login(UsersRolesLoginModule.java:119)
at java.lang.reflect.Method.invoke(Native Method)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:664)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:599)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:596)
at javax.security.auth.login.LoginContext.login(LoginContext.java:523)
at
org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:381)
at
org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:347)
at
org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:215)
at
org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:165)
at
org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:93)
at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:109)
at
org.jboss.ejb.StatelessSessionContainer.invokeHome(StatelessSessionContainer.java:300)
at org.jboss.ejb.Container.invoke(Container.java:726)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:491)
at org.jboss.invocation.jrmp.server.JRMPInvoker.invoke(JRMPInvoker.java:362)
at java.lang.reflect.Method.invoke(Native Method)
at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:242)
at sun.rmi.transport.Transport$1.run(Transport.java:155)
at java.security.AccessController.doPrivileged(Native Method)
at sun.rmi.transport.Transport.serviceCall(Transport.java:152)
at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:462)
at
sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:662)
at java.lang.Thread.run(Thread.java:498)
2002-07-10 15:25:33,009 ERROR [org.jboss.ejb.plugins.SecurityInterceptor]
Authentication exception, principal=daniel
2002-07-10 15:25:50,342 DEBUG
[org.jboss.ejb.plugins.LRUEnterpriseContextCachePolicy] Resized cache for
bean PossibleAttribute: old capacity = 1000000, new capacity = 50
After this I tend to suspect there might be a bug lurking in the shadows of
JBossSX. Can somebody please confirm this, or give me some clue about what I
might do wrong.
thanx...
-DAG-