-
1. Re: Problem JAAS-JBOSS
starksm64 May 17, 2004 10:08 PM (in response to raffaelecorvino)Try going through the JAAS Howto topic in this forum. Your client does not appear to be finding the client side auth.conf file.
-
2. Re: Problem JAAS-JBOSS
raffaelecorvino May 18, 2004 2:11 AM (in response to raffaelecorvino)Thanks,Scott Stark.
I don't solve my problem. I've read jaashowto and I follow it. I've the same problem when I use org.jboss.security.auth.spi.UsersRolesLoginModule and also when I use org.jboss.security.auth.spi.DatabaseServerLoginModule. It' s very strange!?
I use a custom server configuration,
my file login-confi.xml is:
<!DOCTYPE policy (View Source for full doctype...)>
- <!-- The JBoss server side JAAS login config file for the examples
-->
-
- <application-policy name="workflow1">
-
- <!--
A properties file LoginModule that supports CallerPrincipal mapping
LoginModule options:
-->
<login-module code="org.jboss.security.ClientLoginModule" flag="required" />
- <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
<module-option name="unauthenticatedIdentity">anonymous</module-option>
</login-module>
</application-policy>
- <application-policy name="workflow2">
-
- <!--
A JDBC based LoginModule
LoginModule options:
dsJndiName: The name of the DataSource of the database containing the Principals, Roles tables
principalsQuery: The prepared statement query equivalent to:
"select Password from Principals where PrincipalID=?"
rolesQuery: The prepared statement query equivalent to:
"select Role, RoleGroup from Roles where PrincipalID=?"
unauthenticatedIdentity: the principal assigned to callers without any authentication info
-->
<login-module code="org.jboss.security.ClientLoginModule" flag="required" />
- <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
<module-option name="dsJndiName">java:/DefaultDS</module-option>
<module-option name="principalsQuery">select Password from Principals where PrincipalID=?</module-option>
<module-option name="rolesQuery">select Role from Roles where PrincipalID=?</module-option>
</login-module>
</application-policy>
- <!-- The security domain for the HSQLDB
-->
- <application-policy name="HsqlDbRealm">
-
- <login-module code="org.jboss.resource.security.ConfiguredIdentityLoginModule" flag="required">
<module-option name="principal">sa</module-option>
<module-option name="userName">sa</module-option>
<module-option name="password" />
<module-option name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=DefaultDS</module-option>
</login-module>
</application-policy>
;
my auth.config in server conf is:
// The JBoss server side JAAS login config file for the examples
workflow1 {
// A properties file LoginModule that supports CallerPrincipal mapping
org.jboss.security.ClientLoginModule required
;
org.jboss.security.auth.spi.UsersRolesLoginModule required
unauthenticatedIdentity=nobody
;
};
workflow2 {
/* A JDBC based LoginModule
LoginModule options:
dsJndiName: The name of the DataSource of the database containing the Principals, Roles tables
principalsQuery: The prepared statement query equivalent to:
"select Password from Principals where PrincipalID=?"
rolesQuery: The prepared statement query equivalent to:
"select Role, RoleGroup from Roles where PrincipalID=?"
*/
org.jboss.security.ClientLoginModule required
;
org.jboss.security.auth.spi.DatabaseServerLoginModule required
dsJndiName="java:/DefaultDS"
principalsQuery="select Password from Principals where PrincipalID=?"
rolesQuery="select Role from Roles where PrincipalID=?"
unauthenticatedIdentity=nobody
;
};
other {
// jBoss LoginModule
org.jboss.security.ClientLoginModule required
;
// Put your login modules that need jBoss here
};
my client config is:
workflow1 {
// A properties file LoginModule that supports CallerPrincipal mapping
org.jboss.security.ClientLoginModule required
;
org.jboss.security.auth.spi.UsersRolesLoginModule required
;
};
workflow2 {
/* A JDBC based LoginModule
LoginModule options:
dsJndiName: The name of the DataSource of the database containing the Principals, Roles tables
principalsQuery: The prepared statement query equivalent to:
"select Password from Principals where PrincipalID=?"
rolesQuery: The prepared statement query equivalent to:
"select Role, RoleGroup from Roles where PrincipalID=?"
*/
org.jboss.security.ClientLoginModule required
;
org.jboss.security.auth.spi.DatabaseServerLoginModule required
;
};
other {
// jBoss LoginModule
org.jboss.security.ClientLoginModule required
;
// Put your login modules that need jBoss here
};
I put file users.properities and roles.properties in jar file and in directory server and client but I've ever the same error.
My client code .java is:
public class LoginClient {
private ap.com.tesi.session.LoginAccessHome getHome() throws NamingException {
return (ap.com.tesi.session.LoginAccessHome) getContext().lookup(
ap.com.tesi.session.LoginAccessHome.JNDI_NAME);
}
private InitialContext getContext() throws NamingException {
Hashtable props = new Hashtable();
props.put(InitialContext.INITIAL_CONTEXT_FACTORY,
"org.jnp.interfaces.NamingContextFactory");
props.put(InitialContext.PROVIDER_URL, "jnp://127.0.0.1:1099");
// This establishes the security for authorization/authentication
// props.put(InitialContext.SECURITY_PRINCIPAL,"username");
// props.put(InitialContext.SECURITY_CREDENTIALS,"password");
InitialContext initialContext = new InitialContext(props);
return initialContext;
}
public String testBean() {
LoginContext lc = null;
SimplePrincipal user=null;
try {
String a=JOptionPane.showInputDialog("Inserisci il nome");
String b=JOptionPane.showInputDialog("Inserisci la password");
String name = a;
char[] password = b.toCharArray();
AppCallbackHandler handler = new AppCallbackHandler(name,password);
lc = new LoginContext("workflow2",(CallbackHandler)handler);
System.out.println("Created LoginContext");
lc.login();
}
catch (LoginException le)
{
System.out.println("Login failed");
le.printStackTrace();
}
//altrimrnti: Autenticazione riuscita!
System.out.println("Autenticazione riuscita!");
I am very unhappy because I'm working to solve this problem by a week!!!
Please help me,
Thanks in advance Raf -
3. Re: Problem JAAS-JBOSS
raffaelecorvino May 18, 2004 2:14 AM (in response to raffaelecorvino)I forget to inser the error. When I run the client, it give me:
Exception in thread "main" java.lang.SecurityException: Impossibile trovare una configurazione di login
at com.sun.security.auth.login.ConfigFile.(ConfigFile.java:97)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:274)
at java.lang.Class.newInstance0(Class.java:308)
at java.lang.Class.newInstance(Class.java:261)
at javax.security.auth.login.Configuration$3.run(Configuration.java:221)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.Configuration.getConfiguration(Configuration.java:215)
at javax.security.auth.login.LoginContext$1.run(LoginContext.java:170)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.init(LoginContext.java:167)
at javax.security.auth.login.LoginContext.(LoginContext.java:404)
at ap.com.tesi.client.LoginClient.testBean(LoginClient.java:65)
at ap.com.tesi.client.LoginClient.main(LoginClient.java:147)
Caused by: java.io.IOException: Impossibile trovare una configurazione di login
at com.sun.security.auth.login.ConfigFile.init(ConfigFile.java:206)
at com.sun.security.auth.login.ConfigFile.(ConfigFile.java:95)
... 15 more.
I'm using Jboss 3.2.3.
Thanks for yours helps!!!
Raf -
4. Re: Problem JAAS-JBOSS
morenito9000 May 18, 2004 9:42 AM (in response to raffaelecorvino)Hy Raffaele,
the problem is that the client doesn't find the auth.conf file
where it can retrieve the list of LoginModules that your
application need to use.
I don't know if this is the correct procedure but I copied
an auth.conf file from <JBOSS installation dir>/client directory.
I added in this file an entry for my application (named xmalf):
xmalf {
server.security.XMalfClientLoginModule required
principalClass="server.security.XMalfSimplePrincipal"
;
};
(I use, client side, a ClientLoginModule and a SimplePrincipal,
that I wrote on purpose: JBoss provides a ClientLoginModule
and a SimplePrincipal if you need only to pass username and
password to the server).
In client code I have:
LoginContext lc = new LoginContext("xmalf", myCallbackHandler);
lc.login(); ... ....
I run the client in this way:
java -Djava.security.manager -Djava.security.policy=client.policy
-Djava.security.auth.login.config=auth.conf MyClient
this is OK if you run client in the same directory where you find
auth.conf file (for example, if you are in a subdirectory you must
indicate the path in this way:
-Djava.security.auth.login.config=../auth.conf).
For more precise infos visit thi site:
www://minnigerode.org/CA-SF/dave/BasicJBossAAC.html
Moreno -
5. Re: Problem JAAS-JBOSS
raffaelecorvino May 19, 2004 3:58 AM (in response to raffaelecorvino)Thanks very much morenito!!