3 Replies Latest reply on Nov 23, 2004 3:44 PM by starksm64

Latest JAAS HowTo not working with Jboss3.2.6

hillel Nov 21, 2004 3:12 PM

Dear JAAS Team,

I installed the JAAS HowTO by downloading the latest version and tried to run it with Jboss 3.2.6 and the first example -1. Invoke PublicSession.echo() as java, echoman [PASS]

The first example fails I've included the logs from Jboss Apache Tomcat/5.0.28 and then the log from the Jboss console.

Any help appreciated as I followed the instructions in the Howto and this should work?

1) Jboss Apache Tomcat/5.0.28 :

HTTP Status 500 -

type Exception report

message

description The server encountered an internal error () that prevented it from fulfilling this request.

exception

javax.servlet.ServletException: Failed to call SecuredEJB.echo
org.jboss.docs.jaas.howto.EJBServlet.callEcho(EJBServlet.java:74)
org.jboss.docs.jaas.howto.EJBServlet.processRequest(EJBServlet.java:31)
org.jboss.docs.jaas.howto.EJBServlet.doGet(EJBServlet.java:41)
javax.servlet.http.HttpServlet.service(HttpServlet.java:697)
javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:75)

root cause

javax.servlet.ServletException: Failed to call SecuredEJB.echo
org.jboss.docs.jaas.howto.EJBServlet.createBean(EJBServlet.java:178)
org.jboss.docs.jaas.howto.EJBServlet.callEcho(EJBServlet.java:68)
org.jboss.docs.jaas.howto.EJBServlet.processRequest(EJBServlet.java:31)
org.jboss.docs.jaas.howto.EJBServlet.doGet(EJBServlet.java:41)
javax.servlet.http.HttpServlet.service(HttpServlet.java:697)
javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:75)

root cause

java.rmi.AccessException: SecurityException; nested exception is:
java.lang.SecurityException: Authentication exception, principal=caller_java
org.jboss.ejb.plugins.LogInterceptor.handleException(LogInterceptor.java:369)
org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:124)
org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyFactoryFinderInterceptor.java:93)
org.jboss.ejb.StatelessSessionContainer.internalInvokeHome(StatelessSessionContainer.java:319)
org.jboss.ejb.Container.invoke(Container.java:729)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:324)
org.jboss.mx.server.ReflectedDispatcher.dispatch(ReflectedDispatcher.java:60)
org.jboss.mx.server.Invocation.dispatch(Invocation.java:62)
org.jboss.mx.server.Invocation.dispatch(Invocation.java:54)
org.jboss.mx.server.Invocation.invoke(Invocation.java:82)
org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:197)
org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:473)
org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:97)
org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:90)
org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:46)
org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:55)
org.jboss.proxy.ejb.HomeInterceptor.invoke(HomeInterceptor.java:173)
org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:85)
$Proxy45.create(Unknown Source)
org.jboss.docs.jaas.howto.EJBServlet.createBean(EJBServlet.java:173)
org.jboss.docs.jaas.howto.EJBServlet.callEcho(EJBServlet.java:68)
org.jboss.docs.jaas.howto.EJBServlet.processRequest(EJBServlet.java:31)
org.jboss.docs.jaas.howto.EJBServlet.doGet(EJBServlet.java:41)
javax.servlet.http.HttpServlet.service(HttpServlet.java:697)
javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:75)

note The full stack trace of the root cause is available in the Apache Tomcat/5.0.28 logs.
Apache Tomcat/5.0.28

2) THE JBOSS LOG GIVES THE FOLLOWING ERROR:
21:51:57,340 INFO [Server] JBoss (MX MicroKernel) [3.2.6 (build: CVSTag=JBoss_3 _2_6 date=200410140106)] Started in 39s:647ms
21:52:59,637 INFO [STDOUT] JaasLoginFilter, login as: java
21:52:59,800 INFO [STDOUT] PublicSessionBean.ejbCreate() called
21:52:59,802 INFO [STDOUT] PublicSessionBean.echo, arg=Hello
21:52:59,802 INFO [STDOUT] PublicSessionBean.echo, callerPrincipal=caller_java
21:52:59,803 INFO [STDOUT] PublicSessionBean.echo, isCallerInRole('EchoUser')=t rue
21:52:59,812 INFO [STDOUT] PrivateSessionBean.ejbCreate() called
21:52:59,815 INFO [STDOUT] PublicSessionBean.echo, created PrivateSession
21:52:59,826 INFO [STDOUT] PrivateSessionBean.echo, arg=Hello
21:52:59,826 INFO [STDOUT] PrivateSessionBean.echo, callerPrincipal=caller_java
21:52:59,827 INFO [STDOUT] PrivateSessionBean.echo, isCallerInRole('InternalUse r')=false
21:52:59,883 INFO [STDOUT] JaasLoginFilter, logout
21:53:05,867 INFO [STDOUT] JaasLoginFilter, login as: java
21:53:05,870 INFO [STDOUT] PublicSessionBean.noop
21:53:05,870 INFO [STDOUT] PublicSessionBean.noop, callerPrincipal=caller_java
21:53:05,872 INFO [STDOUT] JaasLoginFilter, logout
21:53:20,390 ERROR [SecurityInterceptor] Authentication exception, principal=cal ler_java
21:53:20,435 ERROR [Engine] StandardWrapperValve[SecureServlet]: Servlet.service () for servlet SecureServlet threw exception
java.rmi.AccessException: SecurityException; nested exception is:
java.lang.SecurityException: Authentication exception, principal=caller_ java
at org.jboss.ejb.plugins.LogInterceptor.handleException(LogInterceptor.j ava:369)
at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:1 24)
at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyF actoryFinderInterceptor.java:93)
at org.jboss.ejb.StatelessSessionContainer.internalInvokeHome(StatelessS essionContainer.java:319)
at org.jboss.ejb.Container.invoke(Container.java:729)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl. java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces sorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.jboss.mx.server.ReflectedDispatcher.dispatch(ReflectedDispatcher. java:60)
at org.jboss.mx.server.Invocation.dispatch(Invocation.java:62)
at org.jboss.mx.server.Invocation.dispatch(Invocation.java:54)
at org.jboss.mx.server.Invocation.invoke(Invocation.java:82)
at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker. java:197)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:473)
at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:97)
at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.jav a:90)
at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor. java:46)
at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:5 5)
at org.jboss.proxy.ejb.HomeInterceptor.invoke(HomeInterceptor.java:173)
at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:85)
at $Proxy45.create(Unknown Source)
at org.jboss.docs.jaas.howto.EJBServlet.createBean(EJBServlet.java:173)
at org.jboss.docs.jaas.howto.EJBServlet.callEcho(EJBServlet.java:68)
at org.jboss.docs.jaas.howto.EJBServlet.processRequest(EJBServlet.java:3 1)
at org.jboss.docs.jaas.howto.EJBServlet.doGet(EJBServlet.java:41)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:697)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl icationFilterChain.java:237)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF ilterChain.java:157)
at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFi lter.java:75)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl icationFilterChain.java:186)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF ilterChain.java:157)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV alve.java:214)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValv eContext.java:104)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.jav a:520)
at org.apache.catalina.core.StandardContextValve.invokeInternal(Standard ContextValve.java:198)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextV alve.java:152)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValv eContext.java:104)
at org.jboss.web.tomcat.security.CustomPrincipalValve.invoke(CustomPrinc ipalValve.java:66)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValv eContext.java:102)
at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(Securit yAssociationValve.java:158)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValv eContext.java:102)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica torBase.java:540)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValv eContext.java:102)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.jav a:520)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j ava:137)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValv eContext.java:104)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j ava:118)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValv eContext.java:102)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.jav a:520)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal ve.java:109)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValv eContext.java:104)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.jav a:520)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929)
at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:16 0)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java :799)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.proce ssConnection(Http11Protocol.java:705)
at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java :577)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadP ool.java:683)
at java.lang.Thread.run(Thread.java:534)
Caused by: java.lang.SecurityException: Authentication exception, principal=call er_java
at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(Se curityInterceptor.java:155)
at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityIntercep tor.java:74)
at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:1 20)
... 59 more

1. Re: Latest JAAS HowTo not working with Jboss3.2.6

starksm64 Nov 23, 2004 1:34 PM (in response to hillel)
There was a bug introduced into 3.2.6 that changed the caller principal when the role mapping defined a caller principal mapping. This can be seen by the username passed to the login module:

2004-11-23 10:27:19,531 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Bad password for username=caller_java

This has been fixed for the 3.2.7 release. You can work around this by disabling the caller principal mapping by commenting out the *.CallerPrincipal entries in the roles.properties file:
# The username to role(s) mapping properties file java=Echo duke=Java,Coder #java.CallerPrincipal=caller_java #duke.CallerPrincipal=caller_duke
Actions
2. Re: Latest JAAS HowTo not working with Jboss3.2.6

hillel Nov 23, 2004 3:28 PM (in response to hillel)

Thanks the first example now work.

The second example now fails for the same reason as seen below, how would you recommend fixing it?

Thanks

2004-11-23 22:18:14,654 INFO [org.jboss.system.server.Server] JBoss (MX MicroKernel) [3.2.6 (build: CVSTag=JBoss_3_2_6 date=200410140106)] Started in 48s:94ms
2004-11-23 22:18:27,382 INFO [STDOUT] JaasLoginFilter, login as: java
2004-11-23 22:18:27,526 INFO [STDOUT] PublicSessionBean.ejbCreate() called
2004-11-23 22:18:27,527 INFO [STDOUT] PublicSessionBean.noop
2004-11-23 22:18:27,528 INFO [STDOUT] PublicSessionBean.noop, callerPrincipal=caller_java
2004-11-23 22:18:27,557 INFO [STDOUT] JaasLoginFilter, logout
2004-11-23 22:18:37,311 INFO [STDOUT] JaasLoginFilter, login as: java
2004-11-23 22:18:37,317 INFO [STDOUT] PublicSessionBean.echo, arg=Hello
2004-11-23 22:18:37,317 INFO [STDOUT] PublicSessionBean.echo, callerPrincipal=caller_java
2004-11-23 22:18:37,318 INFO [STDOUT] PublicSessionBean.echo, isCallerInRole('EchoUser')=true
2004-11-23 22:18:37,327 DEBUG [org.jboss.ejb.StatefulSessionContainer] Created new session ID: e1wij0cu-5
2004-11-23 22:18:37,327 DEBUG [org.jboss.ejb.StatefulSessionContainer] Using create method for session: public void org.jboss.docs.jaas.howto.PrivateSessionBean.ejbCreate() throws javax.ejb.CreateException
2004-11-23 22:18:37,327 INFO [STDOUT] PrivateSessionBean.ejbCreate() called
2004-11-23 22:18:37,328 DEBUG [org.jboss.proxy.ejb.ProxyFactory] seting invoker proxy binding for stateful session: stateful-rmi-invoker
2004-11-23 22:18:37,330 INFO [STDOUT] PublicSessionBean.echo, created PrivateSession
2004-11-23 22:18:37,342 INFO [STDOUT] PrivateSessionBean.echo, arg=Hello
2004-11-23 22:18:37,342 INFO [STDOUT] PrivateSessionBean.echo, callerPrincipal=caller_java
2004-11-23 22:18:37,343 INFO [STDOUT] PrivateSessionBean.echo, isCallerInRole('InternalUser')=false
2004-11-23 22:18:37,344 INFO [STDOUT] JaasLoginFilter, logout
2004-11-23 22:18:40,127 INFO [STDOUT] JaasLoginFilter, login as: java
2004-11-23 22:18:40,129 INFO [STDOUT] PublicSessionBean.noop
2004-11-23 22:18:40,130 INFO [STDOUT] PublicSessionBean.noop, callerPrincipal=caller_java
2004-11-23 22:18:40,131 INFO [STDOUT] JaasLoginFilter, logout
2004-11-23 22:18:50,168 ERROR [org.jboss.ejb.plugins.SecurityInterceptor] Authentication exception, principal=caller_java
2004-11-23 22:18:50,169 DEBUG [org.jboss.ejb.plugins.LogInterceptor] SecurityException in method: public abstract org.jboss.docs.jaas.howto.Session org.jboss.docs.jaas.howto.SessionHome.create() throws java.rmi.RemoteException,javax.ejb.CreateException
java.lang.SecurityException: Authentication exception, principal=caller_java
at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:155)
at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:74)
at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:120)
at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyFactoryFinderInterceptor.java:93)
at org.jboss.ejb.StatelessSessionContainer.internalInvokeHome(StatelessSessionContainer.java:319)
at org.jboss.ejb.Container.invoke(Container.java:729)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.jboss.mx.server.ReflectedDispatcher.dispatch(ReflectedDispatcher.java:60)
at org.jboss.mx.server.Invocation.dispatch(Invocation.java:62)
at org.jboss.mx.server.Invocation.dispatch(Invocation.java:54)
at org.jboss.mx.server.Invocation.invoke(Invocation.java:82)
at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:197)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:473)
at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:97)
at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:90)
at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:46)
at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:55)
at org.jboss.proxy.ejb.HomeInterceptor.invoke(HomeInterceptor.java:173)
at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:85)
at $Proxy67.create(Unknown Source)
at org.jboss.docs.jaas.howto.EJBServlet.createBean(EJBServlet.java:171)
at org.jboss.docs.jaas.howto.EJBServlet.callEcho(EJBServlet.java:72)
at org.jboss.docs.jaas.howto.EJBServlet.processRequest(EJBServlet.java:31)
at org.jboss.docs.jaas.howto.EJBServlet.doGet(EJBServlet.java:40)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:697)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
...
Actions

3. Re: Latest JAAS HowTo not working with Jboss3.2.6

starksm64 Nov 23, 2004 3:44 PM (in response to hillel)

Edit the build.xml to remove the CallerPrincipal entries:

 INSERT INTO Roles VALUES ('java', 'caller_java', 'CallerPrincipal');
 INSERT INTO Roles VALUES ('duke', 'caller_duke', 'CallerPrincipal')

to produce:

 <sql driver="org.hsqldb.jdbcDriver"
 url="jdbc:hsqldb:${jboss.server.data.dir}/hypersonic/localDB"
 userid="sa"
 password=""
 classpath="${jboss.dist}/server/default/lib/hsqldb.jar"><![CDATA[

 DROP TABLE Principals IF EXISTS;
 DROP TABLE Roles IF EXISTS;
 CREATE TABLE Principals (PrincipalID VARCHAR(64) PRIMARY KEY, Password V
ARCHAR(64) );
 CREATE TABLE Roles (PrincipalID VARCHAR(64), Role VARCHAR(64), RoleGro
up VARCHAR(64) );
 INSERT INTO Principals VALUES ('java', 'echoman');
 INSERT INTO Principals VALUES ('duke', 'javaman');
 INSERT INTO Roles VALUES ('java', 'Echo', 'Roles');
 INSERT INTO Roles VALUES ('duke', 'Java', 'Roles');
 INSERT INTO Roles VALUES ('duke', 'Coder', 'Roles');
 ]]></sql>

Go to original post