-
1. Re: NT authentication in JBOSS
cobraflow May 2, 2003 9:30 AM (in response to soni78)...you could always set up LDAP to MAD (MS Active Directory)...
This is done through the login-config.xml file in your conf directory. There is quite a lot to understand if you don't know LDAP or the way in which Active Directory is structured!
Here is a starter...
<application-policy name = "LDAP">
<login-module code = "org.jboss.security.auth.spi.LdapLoginModule" flag = "required">
<module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
<module-option name="java.naming.provider.url">ldap://ldapserver:389/</module-option>
<module-option name="java.naming.security.authentication">simple</module-option>
<module-option name="principalDNPrefix">cn=</module-option>
<module-option name="principalDNSuffix">,cn=Users,dc=MyDepartment,dc=MyCompany,dc=com</module-option>
<module-option name="rolesCtxDN">cn=Users,dc=MyDepartment,dc=MyCompany,dc=com</module-option>
<module-option name="matchOnUserDN">true</module-option><!-- defaults to false -->
<module-option name="roleAttributeIsDN">false</module-option><!-- defaults to false -->
<module-option name="uidAttributeID">member</module-option><!-- defaults to 'uid' -->
<module-option name="roleAttributeID">cn</module-option><!-- defaults to 'roles' -->
<module-option name="roleNameAttributeID">name</module-option><!-- defaults to name -->
</login-module>
</application-policy>
...also note that you MUST use SSL if you want to do any updates...
Lewis -
2. Re: NT authentication in JBOSS
soni78 May 7, 2003 12:58 AM (in response to soni78)i tried the same.
and i added the line org.jboss.security.auth.spi.LdapLoginModule required; in auth.conf under client directory and server_auth.conf under source code dir. But it throws the following exception.
[java] Created LoginContext
[java] Login failed
[java] javax.security.auth.login.LoginException: unable to find LoginModule class: org.jboss.security.auth.spi.LdapLoginModule
[java] at javax.security.auth.login.LoginContext.invoke(LoginContext.java:700)
[java] at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
[java] at javax.security.auth.login.LoginContext$4.run(LoginContext.java:599)
[java] at java.security.AccessController.doPrivileged(Native Method)
[java] at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:596)
[java] at javax.security.auth.login.LoginContext.login(LoginContext.java:523)
[java] at org.jboss.docs.jaas.howto.SessionClient.main(SessionClient.java:71)
how to procede?
plz help..
-Soni -
3. Re: NT authentication in JBOSS
juhalindfors May 7, 2003 2:26 AM (in response to soni78)Do NOT add it on the client side auth.conf.
-
4. Re: NT authentication in JBOSS
soni78 May 7, 2003 3:19 AM (in response to soni78)Its not working...
It doesn't throw any exception for login() but while authorizing it throws following exception.I have given correct username and password.
(My doubt is where do we specify the domain controller and realm values? Does JBoss recognizes it automatically?)
At Client side exception:
[java] java.rmi.ServerException: RemoteException occurred in server thread;
nested exception is:
[java] java.rmi.ServerException: EJBException:; nested exception is:
[java] javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
[java] Authentication exception, principal=Payaswini
[java] at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:292)
[java] at sun.rmi.transport.Transport$1.run(Transport.java:148)
[java] at java.security.AccessController.doPrivileged(Native Method)
[java] at sun.rmi.transport.Transport.serviceCall(Transport.java:144)
[java] at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:460)
[java] at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:701)
[java] at java.lang.Thread.run(Thread.java:536)
[java] at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:247)
[java] at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:223)
[java] at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:133)
[java] at org.jboss.invocation.jrmp.server.JRMPInvoker_Stub.invoke(Unknown Source)
[java] at org.jboss.invocation.jrmp.interfaces.JRMPInvokerProxy.invoke(JRMPInvokerProxy.java:138)
[java] at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:108)
[java] at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:77)
[java] at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:80)
[java] at org.jboss.proxy.ejb.HomeInterceptor.invoke(HomeInterceptor.java:198)
[java] at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:76)
[java] at $Proxy0.create(Unknown Source)
[java] at org.jboss.docs.jaas.howto.SessionClient.main(SessionClient.java:90)
[java] Caused by: java.rmi.ServerException: EJBException:; nested exception is:
[java] javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
[java] Authentication exception, principal=Payaswini
[java] at org.jboss.ejb.plugins.LogInterceptor.handleException(LogInterceptor.java:357)
[java] at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:133)
[java] at org.jboss.ejb.StatelessSessionContainer.invokeHome(StatelessSessionContainer.java:300)
[java] at org.jboss.ejb.Container.invoke(Container.java:730)
[java] at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:517)
[java] at org.jboss.invocation.jrmp.server.JRMPInvoker.invoke(JRMPInvoker.java:382)
[java] at sun.reflect.GeneratedMethodAccessor37.invoke(Unknown Source)
[java] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
[java] at java.lang.reflect.Method.invoke(Method.java:324)
[java] at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:261)
[java] at sun.rmi.transport.Transport$1.run(Transport.java:148)
[java] at java.security.AccessController.doPrivileged(Native Method)
[java] at sun.rmi.transport.Transport.serviceCall(Transport.java:144)
[java] at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:460)
[java] at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:701)
[java] at java.lang.Thread.run(Thread.java:536)
[java] Caused by: javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
[java] Authentication exception, principal=Payaswini
[java] at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:174)
[java] at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:94)
[java] at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:129)
[java] ... 14 more
At Server Side:
14:39:26,176 ERROR [SecurityInterceptor] Authentication exception, principal=Payaswini
14:39:26,176 ERROR [LogInterceptor] EJBException, causedBy:
java.lang.SecurityException: Authentication exception, principal=Payaswini
at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:173)
at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:94)
at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:129)
at org.jboss.ejb.StatelessSessionContainer.invokeHome(StatelessSessionContainer.java:300)
at org.jboss.ejb.Container.invoke(Container.java:730)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:517)
at org.jboss.invocation.jrmp.server.JRMPInvoker.invoke(JRMPInvoker.java:382)
at sun.reflect.GeneratedMethodAccessor37.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:261)
at sun.rmi.transport.Transport$1.run(Transport.java:148)
at java.security.AccessController.doPrivileged(Native Method)
at sun.rmi.transport.Transport.serviceCall(Transport.java:144)
at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:460)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:701)
at java.lang.Thread.run(Thread.java:536) -
5. Re: NT authentication in JBOSS
soni78 May 7, 2003 4:16 AM (in response to soni78)its not working....
I have specified the correct username and password. But still it throws following exceptions at Client and server side....
( One more doubt, where do we mention the domain controller name and realm value? does jboss recognizes this automatically? )
At client side:
[java] java.rmi.ServerException: RemoteException occurred in server thread;
nested exception is:
[java] java.rmi.ServerException: EJBException:; nested exception is:
[java] javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
[java] Authentication exception, principal=Payaswini
[java] at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:292)
[java] at sun.rmi.transport.Transport$1.run(Transport.java:148)
[java] at java.security.AccessController.doPrivileged(Native Method)
[java] at sun.rmi.transport.Transport.serviceCall(Transport.java:144)
[java] at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:460)
[java] at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:701)
[java] at java.lang.Thread.run(Thread.java:536)
[java] at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:247)
[java] at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:223)
[java] at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:133)
[java] at org.jboss.invocation.jrmp.server.JRMPInvoker_Stub.invoke(Unknown Source)
[java] at org.jboss.invocation.jrmp.interfaces.JRMPInvokerProxy.invoke(JRMPInvokerProxy.java:138)
[java] at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:108)
[java] at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:77)
[java] at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:80)
[java] at org.jboss.proxy.ejb.HomeInterceptor.invoke(HomeInterceptor.java:198)
[java] at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:76)
[java] at $Proxy0.create(Unknown Source)
[java] at org.jboss.docs.jaas.howto.SessionClient.main(SessionClient.java:90)
[java] Caused by: java.rmi.ServerException: EJBException:; nested exception is:
[java] javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
[java] Authentication exception, principal=Payaswini
[java] at org.jboss.ejb.plugins.LogInterceptor.handleException(LogInterceptor.java:357)
[java] at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:133)
[java] at org.jboss.ejb.StatelessSessionContainer.invokeHome(StatelessSessionContainer.java:300)
[java] at org.jboss.ejb.Container.invoke(Container.java:730)
[java] at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:517)
[java] at org.jboss.invocation.jrmp.server.JRMPInvoker.invoke(JRMPInvoker.java:382)
[java] at sun.reflect.GeneratedMethodAccessor37.invoke(Unknown Source)
[java] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
[java] at java.lang.reflect.Method.invoke(Method.java:324)
[java] at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:261)
[java] at sun.rmi.transport.Transport$1.run(Transport.java:148)
[java] at java.security.AccessController.doPrivileged(Native Method)
[java] at sun.rmi.transport.Transport.serviceCall(Transport.java:144)
[java] at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:460)
[java] at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:701)
[java] at java.lang.Thread.run(Thread.java:536)
[java] Caused by: javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
[java] Authentication exception, principal=Payaswini
[java] at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:174)
[java] at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:94)
[java] at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:129)
[java] ... 14 more
and
at server side:
15:26:31,019 ERROR [SecurityInterceptor] Authentication exception, principal=Payaswini
15:26:31,109 ERROR [LogInterceptor] EJBException, causedBy:
java.lang.SecurityException: Authentication exception, principal=Payaswini
at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:173)
at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:94)
at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:129)
at org.jboss.ejb.StatelessSessionContainer.invokeHome(StatelessSessionContainer.java:300)
at org.jboss.ejb.Container.invoke(Container.java:730)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:517)
at org.jboss.invocation.jrmp.server.JRMPInvoker.invoke(JRMPInvoker.java:382)
at sun.reflect.GeneratedMethodAccessor37.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:261)
at sun.rmi.transport.Transport$1.run(Transport.java:148)
at java.security.AccessController.doPrivileged(Native Method)
at sun.rmi.transport.Transport.serviceCall(Transport.java:144)
at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:460)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:701)
at java.lang.Thread.run(Thread.java:536)
plssss help... -
6. Re: NT authentication in JBOSS
soni78 May 7, 2003 4:18 AM (in response to soni78)its not working....
I have specified the correct username and password. But still it throws following exceptions at Client and server side....
( One more doubt, where do we mention the domain controller name and realm value? does jboss recognizes this automatically? )
At client side:
[java] java.rmi.ServerException: RemoteException occurred in server thread;
nested exception is:
[java] java.rmi.ServerException: EJBException:; nested exception is:
[java] javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
[java] Authentication exception, principal=Payaswini
[java] at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:292)
[java] at sun.rmi.transport.Transport$1.run(Transport.java:148)
[java] at java.security.AccessController.doPrivileged(Native Method)
[java] at sun.rmi.transport.Transport.serviceCall(Transport.java:144)
[java] at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:460)
[java] at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:701)
[java] at java.lang.Thread.run(Thread.java:536)
[java] at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:247)
[java] at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:223)
[java] at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:133)
[java] at org.jboss.invocation.jrmp.server.JRMPInvoker_Stub.invoke(Unknown Source)
[java] at org.jboss.invocation.jrmp.interfaces.JRMPInvokerProxy.invoke(JRMPInvokerProxy.java:138)
[java] at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:108)
[java] at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:77)
[java] at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:80)
[java] at org.jboss.proxy.ejb.HomeInterceptor.invoke(HomeInterceptor.java:198)
[java] at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:76)
[java] at $Proxy0.create(Unknown Source)
[java] at org.jboss.docs.jaas.howto.SessionClient.main(SessionClient.java:90)
[java] Caused by: java.rmi.ServerException: EJBException:; nested exception is:
[java] javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
[java] Authentication exception, principal=Payaswini
[java] at org.jboss.ejb.plugins.LogInterceptor.handleException(LogInterceptor.java:357)
[java] at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:133)
[java] at org.jboss.ejb.StatelessSessionContainer.invokeHome(StatelessSessionContainer.java:300)
[java] at org.jboss.ejb.Container.invoke(Container.java:730)
[java] at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:517)
[java] at org.jboss.invocation.jrmp.server.JRMPInvoker.invoke(JRMPInvoker.java:382)
[java] at sun.reflect.GeneratedMethodAccessor37.invoke(Unknown Source)
[java] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
[java] at java.lang.reflect.Method.invoke(Method.java:324)
[java] at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:261)
[java] at sun.rmi.transport.Transport$1.run(Transport.java:148)
[java] at java.security.AccessController.doPrivileged(Native Method)
[java] at sun.rmi.transport.Transport.serviceCall(Transport.java:144)
[java] at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:460)
[java] at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:701)
[java] at java.lang.Thread.run(Thread.java:536)
[java] Caused by: javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
[java] Authentication exception, principal=Payaswini
[java] at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:174)
[java] at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:94)
[java] at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:129)
[java] ... 14 more
and
at server side:
15:26:31,019 ERROR [SecurityInterceptor] Authentication exception, principal=Payaswini
15:26:31,109 ERROR [LogInterceptor] EJBException, causedBy:
java.lang.SecurityException: Authentication exception, principal=Payaswini
at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:173)
at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:94)
at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:129)
at org.jboss.ejb.StatelessSessionContainer.invokeHome(StatelessSessionContainer.java:300)
at org.jboss.ejb.Container.invoke(Container.java:730)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:517)
at org.jboss.invocation.jrmp.server.JRMPInvoker.invoke(JRMPInvoker.java:382)
at sun.reflect.GeneratedMethodAccessor37.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:261)
at sun.rmi.transport.Transport$1.run(Transport.java:148)
at java.security.AccessController.doPrivileged(Native Method)
at sun.rmi.transport.Transport.serviceCall(Transport.java:144)
at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:460)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:701)
at java.lang.Thread.run(Thread.java:536)
plssss help...