2 Replies Latest reply on Sep 15, 2002 9:16 PM by vipulm

UsersRolesLoginModule bad password

vipulm Sep 13, 2002 1:03 AM

Hi,

We are using jaas modules for custom authentication.
We have a login module called TestLoginModule which needs to access a EJB, say Accounts EJB. The Accounts EJB is protected by a UsersRolesLoginModule. The TestLoginModule uses ClientLoginModule to log on and then accesses the EJB.

This scheme works in most cases but once in a while the TestLoginModule is not able to access the Accounts EJB. We get the following exception on the client:

java.rmi.RemoteException: checkSecurityAssociation; nested exception
is:
[java] java.lang.SecurityException: Authentication exception, principal=blah
[java] java.lang.SecurityException: Authentication exception, principal=blah
[java] at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:177)
[java] at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:93)
[java] at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:118)
[java] at org.jboss.ejb.StatelessSessionContainer.invokeHome(StatelessSessionContainer.java:300)
[java] at org.jboss.ejb.Container.invoke(Container.java:726)

On the server, we get an erro:
[org.jboss.security.auth.spi.UsersRolesLoginModule] Bad password for blah

This problem has started to become a lot common lately.
Any help appreciated,

Thanks

1. Re: UsersRolesLoginModule bad password

moraelin Sep 13, 2002 7:56 AM (in response to vipulm)

Sounds like an interesting workaround, but personally I'd say just don't call an EJB from a LoginModule. It's not the way it was supposed to work. Move the account checking logic either into the LoginModule itself, or into a non-secured EJB.
Actions
2. Re: UsersRolesLoginModule bad password

vipulm Sep 15, 2002 9:16 PM (in response to vipulm)

Thanks Moraelin!
Actions

Go to original post