Same problem, principal=null, as everyone else?
gdagley Mar 3, 2003 4:56 PMI seem to be having the same problem propagating the login information from the servlet container to the EJB container. I am using the jboss-3.0.5_tomcat-4.1.18 implementation.
The problem is that I see the LoginContext.login() appear to successfully log in only to have the call to the EJB fail because of the "Authentication exception, principal=null" that others have mentioned here. I have not found how to get around this.
Am I missing some fundamental point here? (Most likely or I wouldn't be here, right?)
Here are some of the code snippets I am working with.
Thanks
-------login-config.xml---------------
<!-- Used by Argo to do the database lookup for username password,
and retrieve the roles/authorizations.
-->
<application-policy name = "argo-login">
<login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required">
<module-option name="dsJndiName">java:SecurityDS</module-option>
<module-option name="principalsQuery">select password from app_user where login_name = ?</module-option>
<module-option name="rolesQuery">select authorization_name, 'Roles' from v_user_authorization where login_name = ?</module-option>
</login-module>
</application-policy>
...
-------jboss.xml---------------
<security-domain>java:/jaas/argo-login</security-domain>
<unauthenticated-principal>nobody</unauthenticated-principal>
<enterprise-beans>
<ejb-name>SecurityEJB</ejb-name>
<jndi-name>parago/ejb/Security</jndi-name>
...
</enterprise-beans>
-------ArgoControl.java---------------
handler = new AppCallbackHandler(credentials.getUserName(), credentials.getPassword());
lc = new LoginContext("argo-login", handler);
lc.login();
subject = lc.getSubject();
LOGGER.debug("Login successful.");
SecurityHome home = (SecurityHome)EJBUtil.getRemoteHome(UserManagementConstants.JNDI_SECURITY, SecurityHome.class);
Security remote = home.create(); // Problem occurs here
loginUserVO = remote.findUserByLoginName(loginName);
-------server.log---------------
2003-03-03 15:27:47,530 DEBUG [com.parago.common.web.servlet.ArgoControl] (HttpProcessor[8081][2]:) Login successful.
2003-03-03 15:27:47,608 ERROR [org.jboss.ejb.plugins.SecurityInterceptor] (HttpProcessor[8081][2]:SecurityEJB) Authentication exception, principal=null
2003-03-03 15:27:47,608 ERROR [org.jboss.ejb.plugins.LogInterceptor] (HttpProcessor[8081][2]:SecurityEJB) EJBException, causedBy:
java.lang.SecurityException: Authentication exception, principal=null
at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:173)
at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:94)
at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:129)
at org.jboss.ejb.StatelessSessionContainer.invokeHome(StatelessSessionContainer.java:300)
at org.jboss.ejb.Container.invoke(Container.java:730)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:517)
at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:98)
at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:102)
at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:77)
at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:80)
at org.jboss.proxy.ejb.HomeInterceptor.invoke(HomeInterceptor.java:198)
at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:76)
at $Proxy1034.create(Unknown Source)