Authentication exception, principal=null
salma May 7, 2003 8:54 AM
Hi,
I have secured a ejb with jaas, using DatabaseServerLoginModule . When I login using a java client application , everything works fine, I can access the secured methods of the session bean.
However, when I login from a servlet application I get the following security exception when trying to call the method "login" of the session bean:
EJBException:; nested exception is: javax.ejb.EJBException: checkSecurityAssociation; CausedByException is: Authentication exception, principal=null
The error appears not regulary, so I can't reproduce it.
I am using the jboss server (version 3.0.4) and the Framework struts (and JSP) to generate dynamic content for the web-Client.
I hope anybody can help me.
****************************************************************************************
****************************************************************************************
Zy3k4wCT
Delegate Class
public class LoginDelegate
{
Properties pro;
LoginContext logCtx;
ServiceLocator locator = null;
private String authConfig = "auth.conf";
public LoginDelegate(String IP, String PORT)
{
pro = new Properties();
pro.put("java.naming.factory.initial", "org.jnp.interfaces.NamingContextFactory");
pro.put("java.naming.provider.url", "jnp://" + IP + ":" + PORT + "/");
pro.put("java.naming.factory.url.pkgs", "org.jboss.naming:org.jnp.interfaces");
URL path = getClass().getClassLoader().getResource(authConfig);
String pfad = "E:\\jboss-3.0.4_tomcat-4.1.12\\server\\default\\conf\\auth.conf";
System.setProperty(key, pfad);
}
public boolean login(String name, String pass)
{
Login login = null;
try
{
if (name == null || name.length() == 0 || pass == null || pass.length() == 0)
return false;
logCtx = new LoginContext("ZELogin", new NamePasswortHandler(name, pass.toCharArray()));
logCtx.login();
this.locator = ServiceLocator.getInstance(pro);
login = ((LoginHome) this.locator.getEJBHome(ServiceLocator.Login_JNDINAME)).create();
return true;
}
catch (Exception e)
{
}
}
}
****************************************************************************************
Servlet
public class Patient extends HttpServlet implements SingleThreadModel
{
private String name = null;
private String pass = null;
private LoginDelegate logDeg = null;
/** Looks up the InterestHome interface and saves it for use in
doGet().
*/
public void init() throws ServletException
{
try
{
logDeg = new LoginDelegate("localhost", "1099");
}
catch (Exception e)
{
e.printStackTrace();
}
}
/**
*/
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
{
response.setContentType("text/html");
PrintWriter out = response.getWriter();
out.println("");
try
{
name = request.getParameter("name");
pass = request.getParameter("pass");
if (logDeg.login(_name, _pass))
out.println("erfolgreich ");
else
out.println("fehlgeschlagen");
}
catch (Exception e)
{
out.println(e.toString());
}
finally
{
out.println("");
out.close();
}
}
}
****************************************************************************************
auth.conf
($jboss_home/server/default/conf/auth.conf)
// This file is now obsolete but is read for backward compatability
// Use the login-config.xml file instead
// $Id: auth.conf,v 1.12 2002/04/14 18:59:49 starksm Exp $
simple {
// Very simple login module:
// any user name is accepted.
// password should either coincide with user name or be null,
// all users have role "guest",
// users with non-null password also have role "user"
org.jboss.security.auth.spi.SimpleServerLoginModule required;
};
ZELogin{
org.jboss.security.ClientLoginModule required
;
};
****************************************************************************************
login-config.xml
($jboss_home/server/default/conf/login-config.xml)
<application-policy name = "ZELogin">
<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
<module-option name="dsJndiName">java:/InformixDS</module-option>
<module-option name="principalsQuery">SELECT Passwort FROM Benutzer WHERE BenutzerID=?</module-option>
<module-option name="rolesQuery">SELECT rechteID,'Roles' FROM Benutzerrechte WHERE BenutzerID=?</module-option>
</login-module>
</application-policy>
****************************************************************************************
ejb-jar.xml
<?xml version="1.0"?>
<!DOCTYPE ejb-jar PUBLIC "-//Sun Microsystems, Inc.//DTD Enterprise JavaBeans 2.0//EN" "http://java.sun.com/dtd/ejb-jar_2_0.dtd">
<ejb-jar>
<enterprise-beans>
<ejb-name>NotizEJB</ejb-name>
<local-home>de.NotizLocalHome</local-home>
de.NotizLocal
<ejb-class>de.NotizBean</ejb-class>
<persistence-type>Container</persistence-type>
<prim-key-class>java.lang.Long</prim-key-class>
True
<cmp-version>2.x</cmp-version>
<abstract-schema-name>Notiz</abstract-schema-name>
<cmp-field><field-name>ID</field-name></cmp-field>
<cmp-field><field-name>name</field-name></cmp-field>
<cmp-field><field-name>gruppe</field-name></cmp-field>
<primkey-field>ID</primkey-field>
<query-method>
<method-name>findByName</method-name>
<method-params>
<method-param>java.lang.String</method-param>
</method-params>
</query-method>
<ejb-ql>select object(i) from Notiz i where i.name =?1</ejb-ql>
<query-method>
<method-name>findByGruppe</method-name>
<method-params>
<method-param>java.lang.Long</method-param>
</method-params>
</query-method>
<ejb-ql>select object(i) from Notiz i where i.gruppe =?1</ejb-ql>
<ejb-name>LoginEJB</ejb-name>
de.LoginHome
de..Login
<ejb-class>de.LoginBean</ejb-class>
<session-type>Stateless</session-type>
<transaction-type>Container</transaction-type>
<assembly-descriptor>
<container-transaction>
<ejb-name>NotizEJB</ejb-name>
<method-name>*</method-name>
<trans-attribute>Required</trans-attribute>
</container-transaction>
<container-transaction>
<ejb-name>LoginEJB</ejb-name>
<method-name>*</method-name>
<trans-attribute>Required</trans-attribute>
</container-transaction>
<!-- *** SECURITY-ROLES *** -->
<security-role>
<role-name>verwaltung</role-name>
</security-role>
<method-permission>
<role-name>verwaltung</role-name>
<ejb-name>NotizEJB</ejb-name>
<method-name>*</method-name>
</method-permission>
<method-permission>
<ejb-name>LoginEJB</ejb-name>
<method-name>*</method-name>
</method-permission>
</assembly-descriptor>
</ejb-jar>
****************************************************************************************
jboss.xml
<?xml version="1.0" encoding="UTF-8"?>
<security-domain>java:/jaas/ZELogin</security-domain>
<enterprise-beans>
<ejb-name>NotizEJB</ejb-name>
<local-jndi-name>notiz/Notiz</local-jndi-name>
<ejb-name>LoginEJB</ejb-name>
<jndi-name>login/Login</jndi-name>
</enterprise-beans>
****************************************************************************************
jboss-web.xml
<?xml version="1.0"?>
<jboss-web>
<security-domain>java:/jaas/ZELogin</security-domain>
</jboss-web>
****************************************************************************************
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN" "http://java.sun.com/j2ee/dtds/web-app_2_2.dtd">
<!-- Copyright (c) 2002 by ObjectLearn. All Rights Reserved. -->
<web-app>
<servlet-name>action</servlet-name>
<servlet-class>org.apache.struts.action.ActionServlet</servlet-class>
<init-param>
<param-name>config</param-name>
<param-value>/WEB-INF/struts-config.xml</param-value>
</init-param>
<init-param>
<param-name>debug</param-name>
<param-value>3</param-value>
</init-param>
<init-param>
<param-name>detail</param-name>
<param-value>3</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
<servlet-mapping>
<servlet-name>action</servlet-name>
<url-pattern>*.do</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>welcome.jsp</welcome-file>
</welcome-file-list>
<taglib-uri>/WEB-INF/tlds/struts-bean.tld</taglib-uri>
<taglib-location>/WEB-INF/tlds/struts-bean.tld</taglib-location>
<taglib-uri>/WEB-INF/tlds/struts-html.tld</taglib-uri>
<taglib-location>/WEB-INF/tlds/struts-html.tld</taglib-location>
<taglib-uri>/WEB-INF/tlds/struts-logic.tld</taglib-uri>
<taglib-location>/WEB-INF/tlds/struts-logic.tld</taglib-location>
<taglib-uri>/WEB-INF/tlds/struts-nested.tld</taglib-uri>
<taglib-location>/WEB-INF/tlds/struts-nested.tld</taglib-location>
<taglib-uri>/WEB-INF/tlds/struts-template.tld</taglib-uri>
<taglib-location>/WEB-INF/tlds/struts-template.tld</taglib-location>
<taglib-uri>/WEB-INF/tlds/struts-tiles.tld</taglib-uri>
<taglib-location>/WEB-INF/tlds/struts-tiles.tld</taglib-location>
<taglib-uri>/WEB-INF/tlds/pager-taglib.tld</taglib-uri>
<taglib-location>/WEB-INF/tlds/pager-taglib.tld</taglib-location>
</web-app>