0 Replies Latest reply on Dec 22, 2004 9:02 PM by hama

    different bahaviour of logincontext from standalone java app

    hama
    hama Dec 22, 2004 9:02 PM

      We are tryng to use http invoker to do the JNDI lookup and also JMS.

      For the http invoker, we configure it to require HTTP Basic authentication. We use a LoginContext as per "HTTP invoker and BASIC authentication" http://www.jboss.org/index.html?module=bb&op=viewtopic&t=31441 . The code works in a standalone java client, but not work when we execute iit from within another ejb container, specifically weblogic.

      If we don't require HTTP Basic authentication, we can do JNDI through HTTP from weblogic. Once we requires HTTP Basic authentication, we cannot do JNDI through HTTP from weblogic. The standalone java client works in both case.

      One more observation, from the access.log, if we don't require HTTP Basic authentication, the status is always 200.

      127.0.0.1 - - [23/Dec/2004:09:23:12 +0800] "GET /invoker/JNDIFactory HTTP/1.1" 200 1384
      127.0.0.1 - - [23/Dec/2004:09:23:12 +0800] "POST /invoker/EJBInvokerServlet HTTP/1.1" 200 1451
      127.0.0.1 - - [23/Dec/2004:09:23:13 +0800] "POST /invoker/EJBInvokerServlet HTTP/1.1" 200 600
      127.0.0.1 - - [23/Dec/2004:09:23:13 +0800] "POST /jbossmq-httpil/HTTPServerILServlet HTTP/1.1" 200 120
      127.0.0.1 - - [23/Dec/2004:09:23:13 +0800] "POST /jbossmq-httpil/HTTPServerILServlet HTTP/1.1" 200 91
      127.0.0.1 - - [23/Dec/2004:09:23:13 +0800] "POST /jbossmq-httpil/HTTPServerILServlet HTTP/1.1" 200 92
      127.0.0.1 - - [23/Dec/2004:09:23:13 +0800] "POST /jbossmq-httpil/HTTPServerILServlet HTTP/1.1" 200 86
      127.0.0.1 - - [23/Dec/2004:09:23:13 +0800] "POST /jbossmq-httpil/HTTPServerILServlet HTTP/1.1" 200 315
      127.0.0.1 - - [23/Dec/2004:09:23:13 +0800] "POST /jbossmq-httpil/HTTPServerILServlet HTTP/1.1" 200 86
      127.0.0.1 - - [23/Dec/2004:09:23:13 +0800] "POST /jbossmq-httpil/HTTPServerILServlet HTTP/1.1" 200 113


      If we requires HTTP Basic authentication, for the standalone client, the status of the first response is 200, and all subsequent response is 200.

      127.0.0.1 - - [22/Dec/2004:19:24:14 +0800] "GET /invoker/JNDIFactory HTTP/1.1" 401 954
      127.0.0.1 - - [22/Dec/2004:19:24:14 +0800] "GET /invoker/JNDIFactory HTTP/1.1" 200 1384
      127.0.0.1 - - [22/Dec/2004:19:24:15 +0800] "POST /invoker/EJBInvokerServlet HTTP/1.1" 200 1451
      127.0.0.1 - - [22/Dec/2004:19:24:15 +0800] "POST /invoker/EJBInvokerServlet HTTP/1.1" 200 600
      127.0.0.1 - - [22/Dec/2004:19:24:15 +0800] "POST /jbossmq-httpil/HTTPServerILServlet HTTP/1.1" 200 120
      127.0.0.1 - - [22/Dec/2004:19:24:15 +0800] "POST /jbossmq-httpil/HTTPServerILServlet HTTP/1.1" 200 91
      127.0.0.1 - - [22/Dec/2004:19:24:15 +0800] "POST /jbossmq-httpil/HTTPServerILServlet HTTP/1.1" 200 93
      127.0.0.1 - - [22/Dec/2004:19:24:15 +0800] "POST /jbossmq-httpil/HTTPServerILServlet HTTP/1.1" 200 86
      127.0.0.1 - - [22/Dec/2004:19:24:15 +0800] "POST /jbossmq-httpil/HTTPServerILServlet HTTP/1.1" 200 86
      127.0.0.1 - - [22/Dec/2004:19:24:15 +0800] "POST /jbossmq-httpil/HTTPServerILServlet HTTP/1.1" 200 315
      127.0.0.1 - - [22/Dec/2004:19:24:15 +0800] "POST /jbossmq-httpil/HTTPServerILServlet HTTP/1.1" 200 113

      With HTTP basic authentication, and wrong username/password from standalone client, the log is
      127.0.0.1 - - [23/Dec/2004:09:51:38 +0800] "GET /invoker/JNDIFactory HTTP/1.1" 401 954
      127.0.0.1 - - [23/Dec/2004:09:51:38 +0800] "GET /invoker/JNDIFactory HTTP/1.1" 401 954
      127.0.0.1 - - [23/Dec/2004:09:51:38 +0800] "GET /invoker/JNDIFactory HTTP/1.1" 401 954
      127.0.0.1 - - [23/Dec/2004:09:51:38 +0800] "GET /invoker/JNDIFactory HTTP/1.1" 401 954
      127.0.0.1 - - [23/Dec/2004:09:51:38 +0800] "GET /invoker/JNDIFactory HTTP/1.1" 401 954
      127.0.0.1 - - [23/Dec/2004:09:51:38 +0800] "GET /invoker/JNDIFactory HTTP/1.1" 401 954
      127.0.0.1 - - [23/Dec/2004:09:51:39 +0800] "GET /invoker/JNDIFactory HTTP/1.1" 401 954
      127.0.0.1 - - [23/Dec/2004:09:51:39 +0800] "GET /invoker/JNDIFactory HTTP/1.1" 401 954
      127.0.0.1 - - [23/Dec/2004:09:51:39 +0800] "GET /invoker/JNDIFactory HTTP/1.1" 401 954
      127.0.0.1 - - [23/Dec/2004:09:51:39 +0800] "GET /invoker/JNDIFactory HTTP/1.1" 401 954
      127.0.0.1 - - [23/Dec/2004:09:51:39 +0800] "GET /invoker/JNDIFactory HTTP/1.1" 401 954
      127.0.0.1 - - [23/Dec/2004:09:51:39 +0800] "GET /invoker/JNDIFactory HTTP/1.1" 401 954
      127.0.0.1 - - [23/Dec/2004:09:51:39 +0800] "GET /invoker/JNDIFactory HTTP/1.1" 401 954
      127.0.0.1 - - [23/Dec/2004:09:51:39 +0800] "GET /invoker/JNDIFactory HTTP/1.1" 401 954
      127.0.0.1 - - [23/Dec/2004:09:51:39 +0800] "GET /invoker/JNDIFactory HTTP/1.1" 401 954
      127.0.0.1 - - [23/Dec/2004:09:51:39 +0800] "GET /invoker/JNDIFactory HTTP/1.1" 401 954
      127.0.0.1 - - [23/Dec/2004:09:51:39 +0800] "GET /invoker/JNDIFactory HTTP/1.1" 401 954
      127.0.0.1 - - [23/Dec/2004:09:51:39 +0800] "GET /invoker/JNDIFactory HTTP/1.1" 401 954
      127.0.0.1 - - [23/Dec/2004:09:51:39 +0800] "GET /invoker/JNDIFactory HTTP/1.1" 401 954
      127.0.0.1 - - [23/Dec/2004:09:51:39 +0800] "GET /invoker/JNDIFactory HTTP/1.1" 401 954

      and from the jboss server.log

      2004-12-23 09:51:38,951 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Bad password for username=xxxxxx

      With HTTP Basic authentication, and JNDI from weblogic, the log is

      127.0.0.1 - - [22/Dec/2004:19:27:26 +0800] "GET /invoker/JNDIFactory HTTP/1.0" 401 954

      No retry. and no entry in jboss server.log, seems that the logincontext does not work from within weblogic.

      I suspect maybe some settings in weblogic interferes with this, but could not find any information on this. Has anybody seen this before?

      Thanks in advance,

      p.s. I posted this under "JNDI from weblogic" but I think this subject is more appropriate.

      • 3453 Views
      • Tags: