7 Replies Latest reply on Apr 26, 2004 11:33 AM by vkie001

    CustumLoginModule

    sanjuthomas

      We are trying to migrate from WebLogic to JBoss. We need to implement a (programmatic) security policy for the system, and we have written a custom security class for this purpose. We are using that custom class on the server side, and on the client side we are using ClientLoginModule. But when we run a simple EJB that is secured using this custom class, the server generates this exception. I have created a jar of this custom class and placed it in the server/default/lib directory. I think that is right, because the server is invoking this class and I am getting log infos in the server console. If anybody needs the whole file I will send it to you; please give your mail ID. If somebody can help us, please....
      the exception is

      12:44:09,131 INFO [OptiwiseServerLoginModule] B4 RETURN STATEMENT IN getUserPas
      sword()
      12:44:09,141 ERROR [SecurityInterceptor] Authentication exception, principal=san
      ju
      12:44:09,151 ERROR [LogInterceptor] EJBException, causedBy:
      java.lang.SecurityException: Authentication exception, principal=sanju
      at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(Se
      curityInterceptor.java:164)
      at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityIntercep
      tor.java:81)
      at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:1
      20)
      at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyF
      actoryFinderInterceptor.java:93)
      at org.jboss.ejb.StatelessSessionContainer.internalInvokeHome(StatelessS
      essionContainer.java:319)
      at org.jboss.ejb.Container.invoke(Container.java:720)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
      java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
      sorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:324)
      at org.jboss.mx.capability.ReflectedMBeanDispatcher.invoke(ReflectedMBea
      nDispatcher.java:284)
      at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:546)
      at org.jboss.invocation.jrmp.server.JRMPInvoker.invoke(JRMPInvoker.java:
      367)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
      java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
      sorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:324)
      at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:261)
      at sun.rmi.transport.Transport$1.run(Transport.java:148)
      at java.security.AccessController.doPrivileged(Native Method)
      at sun.rmi.transport.Transport.serviceCall(Transport.java:144)
      at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:4
      60)
      at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport
      .java:701)
      at java.lang.Thread.run(Thread.java:536)


      If somebody knows the reason, please help me.

      auth.conf entry
      OptiwiseClient
      {
      org.jboss.security.ClientLoginModule required;
      };

      login-config.xml

      <application-policy name="OptiwiseSecurityDomain">

      <login-module code="com.optiwise.bl.core.security.OptiwiseServerLoginModule" flag="required"></login-module>

      </application-policy>

      jboss.xml

      <?xml version="1.0"?>

      <security-domain>java:/jaas/OptiwiseSecurityDomain</security-domain>


      Is there any file I need to modify? The security class is being correctly invoked by the server, but when the getUsersPassword() method returns the result this exception is fired (that is what I understood). Is there any need of changing any other file, such as any MBean or something like this? Really, I am very new to JBoss. I am desperately looking for your help, please.
      Thank you for spending your valuable time.



        • 1. Re: CustumLoginModule

          It says there's an authentication exception. Which probably means you have the wrong password? Make sure you're sending in the right user/name to the ClientLogin when you get your connection to JBoss.

          If you want, go ahead and post a bit of the client code where you're calling your EJB.

          • 2. Re: CustumLoginModule
            sanjuthomas


            this is my client code

            import javax.security.auth.Subject;
            import java.security.acl.Group;
            import java.util.HashMap;
            import java.util.Map;
            import javax.naming.Context;
            import java.util.Hashtable;
            import javax.naming.InitialContext;
            import javax.security.auth.callback.CallbackHandler;
            import javax.security.auth.login.LoginContext;
            import org.apache.log4j.Logger;
            import org.jboss.security.auth.callback.UsernamePasswordHandler;
            import org.jboss.security.ClientLoginModule;
            import org.jboss.security.auth.spi.UsernamePasswordLoginModule;

            /**
             *
             * @author Optiwise
             */
            public class OptiwiseClient extends ClientLoginModule
            {
                public static void main(String args[]) throws Exception
                {
                    // JNDI settings for the JBoss naming service
                    Hashtable env = new Hashtable();
                    env.put(Context.INITIAL_CONTEXT_FACTORY, "org.jnp.interfaces.NamingContextFactory");
                    env.put(Context.PROVIDER_URL, "jnp://localhost:1099");
                    Logger log = Logger.getLogger("OptiwiseClient");
                    // Log the username only; the password must not be written to a log
                    log.info("Login with username=" + args[0]);
                    // JAAS login against the "OptiwiseClient" entry in auth.conf
                    UsernamePasswordHandler handler = new UsernamePasswordHandler(args[0], args[1].toCharArray());
                    LoginContext lc = new LoginContext("OptiwiseClient", handler);
                    lc.login();

                    System.out.println("HANDLER->" + handler);
                    System.out.println("LOGIN CONTEXT->" + lc);
                    log.info("Looking up RequestMgr Bean");
                    InitialContext iniCtx = new InitialContext(env);
                    System.out.println("INITIAL CONTEXT->" + iniCtx);
                    Object ref = iniCtx.lookup("RequestMgr");
                    System.out.println("REFERENCE->" + ref);
                    RequestMgrHome home = (RequestMgrHome) ref;
                    // The secured call: the server authenticates the caller here
                    RequestMgr ob1 = home.create();
                    System.out.println("OBJECT NAME" + ob1);
                    log.info(ob1);
                    System.out.println(ob1);
                    log.info("Created Request Manager Object");
                    lc.logout();
                }
            }


            in client side i am getting this exception


            F:\sanju\work\JBoss>java -Djava.security.auth.login.config=%JBOSS_HOME%\client\a
            uth.conf OptiwiseClient sanju sanju
            HANDLER->org.jboss.security.auth.callback.UsernamePasswordHandler@194a4e
            LOGIN CONTEXT->javax.security.auth.login.LoginContext@5d56d5
            INITIAL CONTEXT->javax.naming.InitialContext@64dc11
            REFERENCE->RequestMgrHome
            Exception in thread "main" java.rmi.ServerException: RemoteException occurred in
            server thread; nested exception is:
            java.rmi.ServerException: EJBException:; nested exception is:
            javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
            Authentication exception, principal=sanju
            at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:292)
            at sun.rmi.transport.Transport$1.run(Transport.java:148)
            at java.security.AccessController.doPrivileged(Native Method)
            at sun.rmi.transport.Transport.serviceCall(Transport.java:144)
            at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:4
            60)
            at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport
            .java:701)
            at java.lang.Thread.run(Thread.java:536)
            at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(Stream
            RemoteCall.java:247)
            at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:
            223)
            at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:133)
            at org.jboss.invocation.jrmp.server.JRMPInvoker_Stub.invoke(Unknown Sour
            ce)
            at org.jboss.invocation.jrmp.interfaces.JRMPInvokerProxy.invoke(JRMPInvo
            kerProxy.java:135)
            at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.jav
            a:96)
            at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.
            java:46)
            at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:4
            5)
            at org.jboss.proxy.ejb.HomeInterceptor.invoke(HomeInterceptor.java:173)
            at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:85)
            at $Proxy0.create(Unknown Source)
            at OptiwiseClient.main(OptiwiseClient.java:42)
            Caused by: java.rmi.ServerException: EJBException:; nested exception is:
            javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
            Authentication exception, principal=sanju
            at org.jboss.ejb.plugins.LogInterceptor.handleException(LogInterceptor.j
            ava:347)
            at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:1
            24)
            at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyF
            actoryFinderInterceptor.java:93)
            at org.jboss.ejb.StatelessSessionContainer.internalInvokeHome(StatelessS
            essionContainer.java:319)
            at org.jboss.ejb.Container.invoke(Container.java:720)
            at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
            at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
            java:39)
            at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
            sorImpl.java:25)
            at java.lang.reflect.Method.invoke(Method.java:324)
            at org.jboss.mx.capability.ReflectedMBeanDispatcher.invoke(ReflectedMBea
            nDispatcher.java:284)
            at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:546)
            at org.jboss.invocation.jrmp.server.JRMPInvoker.invoke(JRMPInvoker.java:
            367)
            at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
            at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
            java:39)
            at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
            sorImpl.java:25)
            at java.lang.reflect.Method.invoke(Method.java:324)
            at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:261)
            at sun.rmi.transport.Transport$1.run(Transport.java:148)
            at java.security.AccessController.doPrivileged(Native Method)
            at sun.rmi.transport.Transport.serviceCall(Transport.java:144)
            at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:4
            60)
            at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport
            .java:701)
            at java.lang.Thread.run(Thread.java:536)
            Caused by: javax.ejb.EJBException: checkSecurityAssociation; CausedByException i
            s:
            Authentication exception, principal=sanju
            at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(Se
            curityInterceptor.java:165)
            at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityIntercep
            tor.java:81)
            at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:1
            20)
            ... 21 more

            F:\sanju\work\JBoss>



            I am trying what you told me last; maybe it is the reason, because when I am passing the query to the database I am getting some meaningless text instead of the password I have given. So it could be the reason; let me see.
            Thank you for your help...
            See my client code too.
            Thanks in advance.
            sanju

            • 3. Re: CustumLoginModule
              sanjuthomas

              I have cleared that problem, but now I am getting some other exception in the server. If you know something about this, please help me...

              exception in server console

              13:15:20,544 INFO [OptiwiseServerLoginModule] FIRST LINE OF getRoleSets()
              13:15:20,564 INFO [OptiwiseServerLoginModule] (getRoleSets())USERNAME->arun
              13:15:20,564 INFO [OptiwiseServerLoginModule] (getRoleSets())NAME->plant manage
              r
              13:15:20,574 ERROR [SecurityInterceptor] Authentication exception, principal=aru
              n
              13:15:20,574 ERROR [LogInterceptor] EJBException, causedBy:
              java.lang.SecurityException: Authentication exception, principal=arun
              at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(Se
              curityInterceptor.java:164)
              at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityIntercep
              tor.java:81)
              at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:1
              20)
              at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyF
              actoryFinderInterceptor.java:93)
              at org.jboss.ejb.StatelessSessionContainer.internalInvokeHome(StatelessS
              essionContainer.java:319)
              at org.jboss.ejb.Container.invoke(Container.java:720)
              at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
              at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
              java:39)
              at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
              sorImpl.java:25)
              at java.lang.reflect.Method.invoke(Method.java:324)
              at org.jboss.mx.capability.ReflectedMBeanDispatcher.invoke(ReflectedMBea
              nDispatcher.java:284)
              at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:546)
              at org.jboss.invocation.jrmp.server.JRMPInvoker.invoke(JRMPInvoker.java:
              367)
              at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
              at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
              java:39)
              at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
              sorImpl.java:25)
              at java.lang.reflect.Method.invoke(Method.java:324)
              at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:261)
              at sun.rmi.transport.Transport$1.run(Transport.java:148)
              at java.security.AccessController.doPrivileged(Native Method)
              at sun.rmi.transport.Transport.serviceCall(Transport.java:144)
              at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:4
              60)
              at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport
              .java:701)
              at java.lang.Thread.run(Thread.java:536)


              If you got the problem, please help me.
              Thanks in advance
              sanju

              • 4. Re: CustumLoginModule
                sanjuthomas

                Please help me...

                • 5. Re: CustumLoginModule
                  jburugupalli

                  If you are connecting to the database to check the username and password, then you better check the DataBaseLoginModule.java and compare it with your code. Or, if not, better use the existing one by just providing the query stmts.

                  jani
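
For comparison with a custom module like the one discussed in this thread, here is a minimal server-side login module built on the JBoss 3.x `UsernamePasswordLoginModule` contract. It is an added example, not code from any poster or from JBoss itself; the class name `ExampleServerLoginModule` and the in-memory user table are hypothetical stand-ins for the real store.

```java
import java.security.acl.Group;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import org.jboss.security.SimpleGroup;
import org.jboss.security.SimplePrincipal;
import org.jboss.security.auth.spi.UsernamePasswordLoginModule;

/** Hypothetical module; compile against the JBoss security jars (JDK 1.4 style). */
public class ExampleServerLoginModule extends UsernamePasswordLoginModule
{
    // Constructed sample data standing in for the real user store:
    // username -> { expected password, role name }
    private static final Map USERS = new HashMap();
    static
    {
        USERS.put("alice", new String[] { "alice-secret", "plant manager" });
    }

    /** Look up the caller's entry, failing the login for unknown users. */
    private String[] lookup() throws LoginException
    {
        String[] entry = (String[]) USERS.get(getUsername());
        if (entry == null)
            throw new FailedLoginException("Unknown user");
        return entry;
    }

    /** Return the password the store expects. The base class compares it
     *  with the password supplied by the client in validatePassword(). */
    protected String getUsersPassword() throws LoginException
    {
        return lookup()[0];
    }

    /** Return the caller's roles inside a Group named exactly "Roles";
     *  JBoss reads the roles used for EJB permission checks from it. */
    protected Group[] getRoleSets() throws LoginException
    {
        Group roles = new SimpleGroup("Roles");
        roles.addMember(new SimplePrincipal(lookup()[1]));
        return new Group[] { roles };
    }
}
```

If the store holds hashed rather than plain passwords, the value returned by `getUsersPassword()` will not equal what the client typed; the base class has `hashAlgorithm` and `hashEncoding` module options in login-config.xml for hashing the supplied password before the comparison.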

                  • 6. Re: CustumLoginModule
                    sanjuthomas

                    Thank you, thank you, I got the solution for this problem.

                    • 7. Re: CustumLoginModule
                      vkie001

                      Does anyone notice the security context does inherit?

                      I am using the "org.jboss.security.auth.spi.UsersRolesLoginModule" and have no problem logging in. However, when I go to a URL that is not protected, even though I am already successfully logged in, it still says I am logged in as "nobody".

                      Can someone point me in the right direction?

                      Cheers...