1 Reply Latest reply on Mar 19, 2004 4:22 AM by starksm64

Configure basic security in Jboss

anandkasi Mar 15, 2004 10:45 PM

Hi All,
I am a jboss newbie and need to a simple username/password challenge to pop up when someone accesses my web app deployed on jboss. I was looking at UsersRolesLoginModule. I am using jboss-3.2.3 with jetty-4.2.14.
All I did was the following 3 things.

1) server/MyServer/conf/login-conf.xml

<?xml version='1.0'?>
<!DOCTYPE policy PUBLIC
 "-//JBoss//DTD JBOSS Security Config 3.0//EN"
 "http://www.jboss.org/j2ee/dtd/security_config.dtd">
<policy>
 <application-policy name = "myUsersRolesModule">
 <authentication>
 <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
 flag = "true" >
 <module-option name="hashAlgorithm">MD5</module-option>
 </login-module>
 </authentication>
 </application-policy>


</policy>

2) Create a users.properties file in the conf folder with the following entry.
anand=kasi.

3) Create a roles.properties file in the conf folder with the following entry
anand=admin

When Jboss starts up, I get the following exception.

22:15:35,255 ERROR [PersistenceManager] Starting failed
java.lang.SecurityException: Invalid authentication attempt, principal=null
at org.jboss.resource.connectionmanager.BaseConnectionManager2.getSubjec
t(BaseConnectionManager2.java:647)
at org.jboss.resource.connectionmanager.BaseConnectionManager2.allocateC
onnection(BaseConnectionManager2.java:476)

Where do I set the principal. Is that the same as username????
What am I not doing or doing wrong?? Any suggestions/pointers are highly appreciated. Any alternate solutions?? The simpler the better.

Regards.
Andy.

1. Re: Configure basic security in Jboss

starksm64 Mar 19, 2004 4:22 AM (in response to anandkasi)

Start with the first post in this forum:
http://www.jboss.org/index.html?module=bb&op=viewtopic&t=46370
Actions