-
1. Re: Add LoginModule in 3.0.x?
mike.pettit Oct 15, 2002 4:12 PM (in response to scottgreen)try editing/customizing conf/login-config.xml
-
2. Re: Add LoginModule in 3.0.x?
scottgreen Oct 15, 2002 5:15 PM (in response to scottgreen)Thanks for the suggestion.
I think I have configured the login-config.xml
I've created a new class, that currently for testing purposes is ConfiguredIdentityLoginModule with a new name. I've put a jar with this class into the configuration's lib directory, and I've added the following realm to the login-config.xml:
<application-policy name = "MySqlDbRealm">
<login-module code = "org.jboss.resource.security.MyLoginModule" flag = "required">
<module-option name = "principal">root</module-option>
<module-option name = "userName">root</module-option>
<module-option name = "password">test</module-option>
<module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=MySqlDS</module-option>
</login-module>
</application-policy>
When I try to connect to the datasource I get "java.lang.SecurityException: Invalid authentication attempt, principal=null]"
I'm assuming, perhaps incorrectly, that the problem is that the class is now being found, because it get the same exception if I put in a garbage class name in the code field.
If I use ConfiguredIdentityLoginModule instead, everything works as expected. -
3. Re: Add LoginModule in 3.0.x?
scottgreen Oct 15, 2002 6:25 PM (in response to scottgreen)Hi,
The method I described in the last post worked correctly on the JBoss 3.2.x beta. Has anyone successfully used their own LoginModule for a datasource connection in 3.0.3?
-Scott Green -
4. Re: Add LoginModule in 3.0.x?
mike.pettit Oct 15, 2002 8:57 PM (in response to scottgreen)I am working on getting a custom Login module to work in JBoss 3.0.3 - I will keep this thread updated on my progress. Currently my problem is an "IllegalStateException - Security Context Not set"
any info on this error would be greatly appreciated.
-MP -
5. Re: Add LoginModule in 3.0.x?
tim.penhey Oct 17, 2002 12:49 PM (in response to scottgreen)Yes.
My login module derived from the DatabaseServerLoginModule.
One thing though, if you are trying to get the principal using getIdentity() you might have a wee problem.
In the initialize method I do the following:
SecurityAssociationCallback sac = new SecurityAssociationCallback();
Callback[] callbacks = {sac};
try {
callbackHandler.handle(callbacks);
principal = sac.getPrincipal();
log.trace("principal: " + principal);
}
catch (Exception e) {
log.error("callback failed: " , e);
}
where principal is a private Principal object.
Tim