Hi,
We are using jaas modules for custom authentication.
We have a login module called TestLoginModule which needs to access a EJB, say Accounts EJB. The Accounts EJB is protected by a UsersRolesLoginModule. The TestLoginModule uses ClientLoginModule to log on and then accesses the EJB.
This scheme works in most cases but once in a while the TestLoginModule is not able to access the Accounts EJB. We get the following exception on the client:
java.rmi.RemoteException: checkSecurityAssociation; nested exception
is:
[java] java.lang.SecurityException: Authentication exception, principal=blah
[java] java.lang.SecurityException: Authentication exception, principal=blah
[java] at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:177)
[java] at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:93)
[java] at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:118)
[java] at org.jboss.ejb.StatelessSessionContainer.invokeHome(StatelessSessionContainer.java:300)
[java] at org.jboss.ejb.Container.invoke(Container.java:726)
On the server, we get an erro:
[org.jboss.security.auth.spi.UsersRolesLoginModule] Bad password for blah
This problem has started to become a lot common lately.
Any help appreciated,
Thanks