2 Replies Latest reply on Sep 13, 2006 12:27 AM by kourkk

Strange think!

kourkk Sep 11, 2006 6:26 PM

I correctly configured my web application to work with form authendication and also to manualy authendicate using loginContext.login(). I went for sleep, Iwake up and in my job I tested. It worked for one time and after that the loginContext.Login never worked again. I even reinstalled jboss nothing. I am sure I didn't changed nothing. Some how is using UserLoginModule instead the Database policy.I am stragling with this issue three days. I keep taking

[UsersRolesLoginModule] Failed to load users/passwords/role files
java.io.IOException: No properties file: users.properties or defaults: defaultUsers.properties found,

but i do not use this when I say LoginContext("myPolicy", handler)

In the forum I saw many postings with the exception:

[UsersRolesLoginModule] Failed to load users/passwords/role files
java.io.IOException: No properties file: users.properties or defaults: defaultUsers.properties found,

but for different reasons. I think this is some kind a bug.

Does anyone nows something?

1. Re: Strange think!

fhh Sep 12, 2006 5:58 AM (in response to kourkk)
UsersRolesLoginModule] Failed to load users/passwords/role files java.io.IOException: No properties file: users.properties or defaults: defaultUsers.properties found

I had the same problem. It means that the specidied security context was not found and that it is trying to use the default one which is not configured.

Check your jboss-web.xml and try setting the logging output regarding the security stuff to trace.

Regards

fhh
Actions
2. Re: Strange think!

kourkk Sep 13, 2006 12:27 AM (in response to kourkk)

Thanks for the response fhh.
My jboss-web.xml is OK

<?xml version="1.0"?>

<jboss-web>
<security-domain>java:/jaas/myPolicy</security-domain>
</jboss-web>

and is pointing to the correct policy inside login-conf.xml.

<application-policy name="myPolicy">

<login-module code="org.jboss.security.ClientLoginModule" flag="required">
</login-module>
<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
<module-option name="managedConnectionFactoryName">
jboss.jca:service=LocalTxCM,name=MySqlDS
</module-option>
<module-option name="dsJndiName">
java:/MySqlDS
</module-option>
<module-option name="principalsQuery">
SELECT PASSWD FROM PRINCIPALS WHERE USERID=?
</module-option>
<module-option name="rolesQuery">
SELECT ROLEID 'Roles', ROLEGROUP 'RoleGroups' FROM ROLES WHERE USERID=?
</module-option>
</login-module>

</application-policy>

I am not sure though if my database realm is need it also. i.e the following is needed in login-conf.xml?

<application-policy name = "MySqlDbRealm">

<login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
flag = "required">
<module-option name = "principal">root</module-option>
<module-option name = "userName">root</module-option>
<module-option name = "password">root</module-option>
<module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=MySqlDS</module-option>
</login-module>

</application-policy>

Yes the problem is that can not find the my application policy when i try to login with the loginContext.login. But when i am redirected to the login page (FORM based security) and the j_security_check executed everything works ok, it find everything. But with loginContext.login no. And also remember that IT Was working.

Another good is that I changed to jboss 4.05 cr1 and now is working again.
Actions

Go to original post