1. Re: AuthenticationManager, SecurityAssociation and JBossWeb
sradford Nov 8, 2003 11:30 AM (in response to gary.udstrand)
I'm having the same problem. Anyone have the answer?
To me it seems that I'm losing the Principal as it is not being propagated during a change in Thread.
And I can't test this theory as the SecurityAssociation class has no unsetServer() property.
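The thread-change theory in the post above, modeled as an added example (not code from this thread or from JBoss). It assumes the caller identity is held per thread, as the poster suspects; `CALLER`, `securedCall` and `handleRequest` are hypothetical names, and the user is a constructed sample.

```java
import java.security.Principal;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;

public class ThreadBoundPrincipalDemo {
    // Hypothetical stand-in for a per-thread caller identity; NOT the JBoss SecurityAssociation class.
    static final ThreadLocal<Principal> CALLER = new ThreadLocal<>();

    // Stand-in for a secured EJB call: it only sees the identity bound to the current thread.
    static String securedCall() {
        Principal p = CALLER.get();
        return p == null ? "null principal -> login failure" : "called as " + p.getName();
    }

    // Per-request wrapper: bind the identity kept with the session, and always clear it afterwards.
    static String handleRequest(Principal sessionUser) {
        CALLER.set(sessionUser);
        try {
            return securedCall();
        } finally {
            CALLER.remove(); // a pooled thread must not keep the previous user's identity
        }
    }

    public static void main(String[] args) throws Exception {
        Principal alex = () -> "alex"; // constructed sample user
        // Two single-thread executors stand in for two request threads of a web container.
        ExecutorService loginThread = Executors.newSingleThreadExecutor();
        ExecutorService otherThread = Executors.newSingleThreadExecutor();
        try {
            // Login: the identity is bound once, on whichever thread served the login request.
            loginThread.submit(() -> CALLER.set(alex)).get();
            System.out.println("same thread:   " + loginThread.submit(() -> securedCall()).get());
            // A later request served by a different thread finds no identity.
            System.out.println("other thread:  " + otherThread.submit(() -> securedCall()).get());
            // Re-binding on every request works regardless of which thread serves it.
            System.out.println("re-bound:      " + otherThread.submit(() -> handleRequest(alex)).get());
            // Nothing is left behind for the next request on that thread.
            System.out.println("after request: " + otherThread.submit(() -> securedCall()).get());
        } finally {
            loginThread.shutdown();
            otherThread.shutdown();
        }
    }
}
```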
2. Re: AuthenticationManager, SecurityAssociation and JBossWeb
alextalib Nov 13, 2003 6:14 AM (in response to gary.udstrand)
I am getting a similar problem. I can log in using FORM based login, which works fine; the principal is propagated to the ejb layer. On subsequent calls, however, I end up with a null principal, which means I can't properly call ejbs from the web container.
I am using:
- jboss-3.2.2 with jbossweb-tomcat41.sar
- using security securityfilter-1.1 with com.aegeus.securityfilter.JBossRealmAdapter
- DatabaseServerLoginModule to mysql database
If I swap out the jbossweb-tomcat41.sar and use jbossweb-jetty.sar, the authentication mostly works, but the problem still appears every now and then. The pages I am trying to access are secured using the security filter mechanism.
*************************** Log Snippet from initial login ******************************
2003-11-13 01:20:25,729 DEBUG [org.apache.struts.taglib.tiles.InsertTag] insert page='/WEB-INF/tiles/default/footer.jsp'.
2003-11-13 01:20:25,739 DEBUG [org.apache.struts.tiles.TilesRequestProcessor] 'page.index' - processed as definition
2003-11-13 01:20:32,579 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] getAppConfigurationEntry, authInfo=AppConfigurationEntry[]:
[0]
LoginModule Class: org.jboss.security.auth.spi.DatabaseServerLoginModule
ControlFlag: LoginModuleControlFlag: required
Options:name=rolesQuery, value=select r.Name, 'Roles'
from entity l, entity_role lr, role r
where l.entityId = lr.entityId
and lr.roleName = r.name
and l.Name=?
name=principalsQuery, value=select password from entity where Name=?
name=password-stacking, value=useFirstPass
name=dsJndiName, value=java:/MySqlDS
2003-11-13 01:20:32,589 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] initialize
2003-11-13 01:20:32,589 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] DatabaseServerLoginModule, dsJndiName=java:/MySqlDS
2003-11-13 01:20:32,589 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] principalsQuery=select password from entity where Name=?
2003-11-13 01:20:32,589 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] rolesQuery=select r.Name, 'Roles'
from entity l, entity_role lr, role r
where l.entityId = lr.entityId
and lr.roleName = r.name
and l.Name=?
2003-11-13 01:20:32,589 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] login
2003-11-13 01:20:33,099 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] User 'alex' authenticated, loginOk=true
2003-11-13 01:20:33,099 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] commit, loginOk=true
2003-11-13 01:20:33,099 TRACE [org.jboss.security.plugins.JaasSecurityManager.JDBCRealm] updateCache, subject=Subject:
Principal: alex
Principal: Roles(members:student)
2003-11-13 01:20:33,099 TRACE [com.aegeus.securityfilter.JBossRealmAdapter] authenticate( alex, ****): alex
2003-11-13 01:20:33,149 DEBUG [org.apache.struts.util.ModuleUtils] Get module name for path /index.html
2003-11-13 01:20:33,149 DEBUG [org.apache.struts.util.ModuleUtils] Module name found: default
2003-11-13 01:20:33,149 DEBUG [org.apache.struts.action.RequestProcessor] Processing a 'GET' for path '/index'
.
.
.
.
*********** log snippet from a subsequent call where the web container makes a call to the ejb layer ******************
2003-11-12 18:41:37,022 DEBUG [org.apache.struts.taglib.tiles.InsertTag] insert page='/WEB-INF/tiles/default/loginform.jsp'.
2003-11-12 18:41:37,032 DEBUG [org.apache.struts.taglib.tiles.InsertTag] insert page='/WEB-INF/tiles/default/work.jsp'.
2003-11-12 18:41:37,042 TRACE [au.com.lavaconsulting.core.ServiceLocator] getRemoteService(10 [education/RemoteStudentFacadeEJB]):
2003-11-12 18:41:37,042 TRACE [au.com.lavaconsulting.core.ServiceLocator] getRemoteHome(10 [education/RemoteStudentFacadeEJB]):
2003-11-12 18:41:37,042 TRACE [au.com.lavaconsulting.education.impl.PersonFacadeEJBBean] setSessionContext() org.jboss.ejb.StatefulSessionEnterpriseContext$StatefulSessionContextImpl@efc0ee
2003-11-12 18:41:37,042 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] getAppConfigurationEntry, authInfo=AppConfigurationEntry[]:
[0]
LoginModule Class: org.jboss.security.auth.spi.DatabaseServerLoginModule
ControlFlag: LoginModuleControlFlag: required
Options:name=rolesQuery, value=select r.Name, 'Roles'
from entity l, entity_role lr, role r
where l.entityId = lr.entityId
and lr.roleName = r.name
and l.Name=?
name=principalsQuery, value=select password from entity where Name=?
name=password-stacking, value=useFirstPass
name=dsJndiName, value=java:/MySqlDS
2003-11-12 18:41:37,042 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] initialize
2003-11-12 18:41:37,042 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] DatabaseServerLoginModule, dsJndiName=java:/MySqlDS
2003-11-12 18:41:37,042 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] principalsQuery=select password from entity where Name=?
2003-11-12 18:41:37,042 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] rolesQuery=select r.Name, 'Roles'
from entity l, entity_role lr, role r
where l.entityId = lr.entityId
and lr.roleName = r.name
and l.Name=?
2003-11-12 18:41:37,042 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] login
2003-11-12 18:41:37,042 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Authenticating as unauthenticatedIdentity=null
2003-11-12 18:41:37,052 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] abort
2003-11-12 18:41:37,052 DEBUG [org.jboss.security.plugins.JaasSecurityManager.JDBCRealm] Login failure
javax.security.auth.login.FailedLoginException: No matching username found in Principals
at org.jboss.security.auth.spi.DatabaseServerLoginModule.getUsersPassword(DatabaseServerLoginModule.java:102)
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:150)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)