5 Replies Latest reply on Oct 17, 2002 12:49 PM by tim.penhey

Add LoginModule in 3.0.x?

scottgreen Oct 14, 2002 9:05 PM

Hello,
I've created a new login module to use with a datasource realm. I've added a jar file with the module to the configuration's lib directory, but it looks like the new login module class is not being found. I'm getting a "principal = null" error.

In JBoss 3.0.3, what is the best way to make JBoss aware of a new login module class? I'm afraid I might be missing a basic step.

Thanks.

-Scott Green

1. Re: Add LoginModule in 3.0.x?

mike.pettit Oct 15, 2002 4:12 PM (in response to scottgreen)

try editing/customizing conf/login-config.xml
Actions
2. Re: Add LoginModule in 3.0.x?

scottgreen Oct 15, 2002 5:15 PM (in response to scottgreen)

Thanks for the suggestion.

I think I have configured the login-config.xml

I've created a new class, that currently for testing purposes is ConfiguredIdentityLoginModule with a new name. I've put a jar with this class into the configuration's lib directory, and I've added the following realm to the login-config.xml:

<application-policy name = "MySqlDbRealm">

<login-module code = "org.jboss.resource.security.MyLoginModule" flag = "required">
<module-option name = "principal">root</module-option>
<module-option name = "userName">root</module-option>
<module-option name = "password">test</module-option>
<module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=MySqlDS</module-option>
</login-module>

</application-policy>

When I try to connect to the datasource I get "java.lang.SecurityException: Invalid authentication attempt, principal=null]"

I'm assuming, perhaps incorrectly, that the problem is that the class is now being found, because it get the same exception if I put in a garbage class name in the code field.

If I use ConfiguredIdentityLoginModule instead, everything works as expected.
Actions
3. Re: Add LoginModule in 3.0.x?

scottgreen Oct 15, 2002 6:25 PM (in response to scottgreen)

Hi,

The method I described in the last post worked correctly on the JBoss 3.2.x beta. Has anyone successfully used their own LoginModule for a datasource connection in 3.0.3?

-Scott Green
Actions
4. Re: Add LoginModule in 3.0.x?

mike.pettit Oct 15, 2002 8:57 PM (in response to scottgreen)

I am working on getting a custom Login module to work in JBoss 3.0.3 - I will keep this thread updated on my progress. Currently my problem is an "IllegalStateException - Security Context Not set"

any info on this error would be greatly appreciated.
-MP
Actions
5. Re: Add LoginModule in 3.0.x?

tim.penhey Oct 17, 2002 12:49 PM (in response to scottgreen)

Yes.

My login module derived from the DatabaseServerLoginModule.

One thing though, if you are trying to get the principal using getIdentity() you might have a wee problem.

In the initialize method I do the following:

SecurityAssociationCallback sac = new SecurityAssociationCallback();
Callback[] callbacks = {sac};
try {
callbackHandler.handle(callbacks);
principal = sac.getPrincipal();
log.trace("principal: " + principal);
}
catch (Exception e) {
log.error("callback failed: " , e);
}

where principal is a private Principal object.

Tim
Actions

Go to original post