Configuring a non trusted datasource
jeeads Jun 3, 2004 10:51 AMI am trying to connect to a non-trusted datasource. I have created a com.synapps.jmx.jaas.srp.MetaDataIdentityLoginModule login module to load the username and password dependent on the auth type of the given datasource. This module was created using org.jboss.resource.security.CallerIdentityLoginModule as a modle. All the information about the remote datasource is found in my MetaData database including auth type. The deployment descriptors, configuration xml and error log are attached. When I start JBoss 3.2.3 the entity beans deploy correctly but when org.jboss.ejb.plugins.EntityInstancePool starts a connection to the datasource for the beans fails. I expect the failures since no one is logged in at the time. How should I configure this non-trusted connection so that a connection is attemted only if someone is logged in and only if there is not a connection in the connection pool? I have all of the documentation and I can't find this information.
META_INF entity bean jar
jboss.xml
< ?xml version="1.0" encoding="UTF-8"?>
< !DOCTYPE jboss PUBLIC "-//JBoss//DTD JBOSS 3.0//EN" "http://www.jboss.org/j2ee/dtd/jboss_3_0.dtd">
< jboss>
< security-domain>java:/jaas/MSSQLServer2000SequencherSecurityRealm</security-domain >
< unauthenticated-principal>Anonymous</unauthenticated-principal >
< enterprise-beans>
jbosscmp-jdbc.xml
< ?xml version="1.0" encoding="UTF-8"?>
< !DOCTYPE jbosscmp-jdbc PUBLIC "-//JBoss//DTD JBOSSCMP-JDBC 3.2//EN" "http://www.jboss.org/j2ee/dtd/jbosscmp-jdbc_3_2.dtd">
< jbosscmp-jdbc>
< defaults>
< datasource>java:/MSSQLServer2000Sequencher
< datasource-mapping>MS SQLSERVER2000</datasource-mapping >
< create-table>false</create-table >
< remove-table>false</remove-table >
< read-only>false</read-only >
< read-time-out>300</read-time-out >
< row-locking>false</row-locking >
< pk-constraint>true</pk-constraint >
< fk-constraint>false</fk-constraint >
< preferred-relation-mapping>foreign-key</preferred-relation-mapping >
< read-ahead>
< strategy>on-load
< page-size>1000</page-size >
< eager-load-group>*</eager-load-group >
</read-ahead >
< list-cache-max>1000</list-cache-max >
Server configuration files
login-config.xml
< application-policy name="MSSQLServer2000SequencherSecurityRealm">
< authentication>
< login-module code="com.synapps.jmx.jaas.srp.MetaDataIdentityLoginModule" flag="required">
< module-option name="dsJndiName">java:/MSSQLServer2000MetaData</module-option >
< module-option name="dsName">MSSQLServer2000Sequencher</module-option >
< module-option name="connTypeQuery">SELECT ConnAuthType FROM DataStore WHERE Name=?</module-option >
< module-option name="defaultUserPasswdQuery">SELECT DataStore.DefaultConnUser, Password.password FROM DataStore,Password WHERE DataStore.Name=? AND Password.ID = DataStore.DefaultConnPWID</module-option >
< module-option name="userUserPasswdQuery">SELECT User_DataStore.UserConnUserID, Password.password, FROM DataStore,User_DataStore, Password WHERE DataStore.Name=? AND Password.ID = User_DataStore.UserConnPWID AND User_DataStore.DataStoreID = DataStore.ID and User_DataStore.UserID=?</module-option >
< module-option name="activityLogging">INSERT INTO ActivityLog VALUES(?,?,?,?,?,?,?,?,?,?)</module-option >
< module-option name="password-stacking">useFirstPass</module-option >
</login-module >
</application-policy >
sequencher-mssql-ds.xml
< ?xml version="1.0" encoding="UTF-8"?>
< !-- ===================================================================== -->
< !-- -->
< !-- JBoss Server Configuration -->
< !-- -->
< !-- ===================================================================== -->
< !-- $Id: sequencher-mssql-ds.xml,v 1.1 2004/05/18 18:500:16 mike Exp $ -->
< !-- ======================================================================-->
< !-- New ConnectionManager setup for Microsoft SQL Server 2000 driver -->
< !-- You may download the latest Microsoft JDBC driver from *Microsoft* -->
< !-- http://msdn.microsoft.com/downloads/default.asp?url=/downloads/sample.asp?url=/MSDN-FILES/027/001/779/msdncompositedoc.xml&frame=true -->
< !-- ===================================================================== -->
< datasources>
< local-tx-datasource>
< jndi-name>MSSQLServer2000Sequencher</jndi-name >
< connection-url>jdbc:microsoft:sqlserver://synapps-6:1433;DatabaseName=Sequencher;SelectMethod=cursor</connection-url >
< driver-class>com.microsoft.jdbc.sqlserver.SQLServerDriver</driver-class >
< !--<user-name>sa</user-name >
< password>synapps -- >
< !-- sql to call when connection is created -- >
< new-connection-sql>select count(*) from Users</new-connection-sql >
< !-- sql to call on an existing pooled connection when it is obtained from pool -- >
< check-valid-connection-sql>select count(*) from Users</check-valid-connection-sql >
< !-- Use the security domain defined in conf/login-config.xml -- >
< security-domain>MSSQLServer2000SequencherSecurityRealm</security-domain >
</local-tx-datasource >
server.log
2004-06-02 15:32:31,593 INFO [org.jboss.ejb.EjbModule] Deploying MSSQLServer2000Sequencher_VectorSite
2004-06-02 15:32:31,625 INFO [org.jboss.ejb.EjbModule] Deploying MSSQLServer2000Sequencher_WorkingSequence
2004-06-02 15:32:31,656 INFO [org.jboss.ejb.EjbModule] Deploying MSSQLServer2000Sequencher_EntityBeanTest
2004-06-02 15:32:33,484 ERROR [org.jboss.ejb.EntityContainer] Starting failed
java.lang.SecurityException: Invalid authentication attempt, principal=null
at org.jboss.resource.connectionmanager.BaseConnectionManager2.getSubject(BaseConnectionManager2.java:647)
at org.jboss.resource.connectionmanager.BaseConnectionManager2.allocateConnection(BaseConnectionManager2.java:476)
at org.jboss.resource.connectionmanager.BaseConnectionManager2$ConnectionManagerProxy.allocateConnection(BaseConnectionManager2.java:814)
at org.jboss.resource.adapter.jdbc.WrapperDataSource.getConnection(WrapperDataSource.java:102)
at org.jboss.ejb.plugins.cmp.jdbc.SQLUtil.fixTableName(SQLUtil.java:118)
at org.jboss.ejb.plugins.cmp.jdbc.bridge.JDBCEntityBridge.init(JDBCEntityBridge.java:147)
at org.jboss.ejb.plugins.cmp.jdbc.JDBCStoreManager.initStoreManager(JDBCStoreManager.java:420)
at org.jboss.ejb.plugins.cmp.jdbc.JDBCStoreManager.start(JDBCStoreManager.java:357)
at org.jboss.ejb.plugins.CMPPersistenceManager.start(CMPPersistenceManager.java:152)
at org.jboss.ejb.EntityContainer.startService(EntityContainer.java:342)
at org.jboss.system.ServiceMBeanSupport.start(ServiceMBeanSupport.java:192)
at sun.reflect.GeneratedMethodAccessor51.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.jboss.mx.capability.ReflectedMBeanDispatcher.invoke(ReflectedMBeanDispatcher.java:284)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:546)
at org.jboss.system.ServiceController$ServiceProxy.invoke(ServiceController.java:976)
at $Proxy15.start(Unknown Source)