0 Replies Latest reply on Apr 14, 2003 5:40 AM by ggardner

    exception thrown from validatePassword() method of custom lo

    ggardner

      I have a JBossSybaseLoginModule implementation extending UsernamePasswordLoginModule.

      My validatePassword() method returns false if the username/password combination is invalid, and chucks an SQLException if the sybase server we are trying to authenticate is not available.

      My problem is that the exception seems to be treated identically to the invalid credentials and gets a "DEBUG" entry in the log. I've attached the log segment below.

      12:58:48,745 DEBUG [bali] Login failure
      javax.security.auth.login.LoginException: java.lang.RuntimeException: login module misconfigured or sybase is down. jav
      adev/javadev cannot connect to jdbc:sybase:Tds:cbserv3.macbank:20003
      at com.macquarie.banking.bali.security.JbossSybaseLoginModule.ping(JbossSybaseLoginModule.java:100)
      at com.macquarie.banking.bali.security.JbossSybaseLoginModule.validatePassword(JbossSybaseLoginModule.java:86)
      at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:144)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:324)
      at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
      at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
      at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
      at java.security.AccessController.doPrivileged(Native Method)
      at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
      at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
      at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:436)
      at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:402)
      at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:229)
      at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:204)
      at org.jboss.jetty.security.JBossUserRealm$JBossUserPrincipal.isAuthenticated(JBossUserRealm.java:72)
      at org.jboss.jetty.security.JBossUserRealm$JBossUserPrincipal.authenticate(JBossUserRealm.java:133)
      at org.jboss.jetty.security.JBossUserRealm.authenticate(JBossUserRealm.java:254)
      at org.mortbay.http.BasicAuthenticator.authenticated(BasicAuthenticator.java:51)
      at org.mortbay.http.SecurityConstraint.check(SecurityConstraint.java:353)
      at org.mortbay.http.HttpContext.checkSecurityContstraints(HttpContext.java:1441)