0 Replies Latest reply on Dec 6, 2006 3:42 PM by carlosdelfino

    Please, one Simple RoadMap for User Login on Client SWING an

    carlosdelfino
    carlosdelfino Dec 6, 2006 3:42 PM

      Hi, I am New on JBoss Security, and new in English too!

      Please, I need one simple Road Map for configure JAAS Kerberos Login on client and propagate to JBoss 4.0.4 with EJB 3.

      In the Client I have sucess with Kerberos Login, but I need use LoginJNDIInitialContext or other method for Authenticate on JBoss server, and I not have how I send my Password for KerberosLoginModule on JBoss JAAS, I Try use the ClientLoginModule, but even so I need send the password too, but I only have Kerberos Information after Login process, like KerberosPrincipal and KerberosTiket and KerberosKey.

      I dont know if I make wrong, I have read many papers foruns, like this, on Internet and not undestand i need make for this work.

      This is my config-login.xml:

       </application-policy>
 <application-policy name="KerberosTest">
 <authentication>
 <login-module flag="required" code="org.jboss.security.ClientLoginModule">
 <module-option name="debug">true</module-option>
 </login-module>
 <login-module code="com.sun.security.auth.module.Krb5LoginModule" llag="required">
 <module-option name = "debug">true</module-option>
 </login-module>
 <login-module code="examples.jaaskeberos.loginmodule.MyLoginModule" flag="required">
 <module-option name="group.file">data/group.properties</module-option>
 <module-option name="debug">true</module-option>
 </login-module>
 </authentication>
 </application-policy>


      This is my Client Code for get InitialContext on JBoss: 
       props.put("java.naming.factory.initial", "org.jboss.security.jndi.JndiLoginInitialContextFactory");
 props.put(Context.SECURITY_PRINCIPAL, ((KerberosPrincipal)subject.getPrincipals(KerberosPrincipal.class).toArray()[0]).getName());
// Here I need my Credencials, How I get?
// props.put(Context.SECURITY_CREDENTIALS, "?????????????????");
 InitialContext ctx = new InitialContext(props);
.....
// here I get and use EJB3


      this is the JBoss log: 
      2006-12-06 17:34:41,113 DEBUG [org.jboss.remoting.transport.socket.ServerThread] WAKEUP in SERVER THREAD
2006-12-06 17:34:41,114 DEBUG [org.jboss.remoting.transport.socket.ServerThread] beginning dorun
2006-12-06 17:34:42,216 INFO [examples.jaaskerberos.ejb.EJBSeguroStatefull] Inicializado
2006-12-06 17:34:42,217 INFO [examples.jaaskerberos.ejb.EJBSeguroStatefull] Context: null
2006-12-06 17:34:42,218 INFO [examples.jaaskerberos.ejb.EJBSeguroStatefull] PostConstruct
2006-12-06 17:34:42,218 INFO [examples.jaaskerberos.ejb.EJBSeguroStatefull] Context: org.jboss.ejb3.BaseSessionContext@626028
2006-12-06 17:34:42,219 INFO [STDOUT] Debug is true storeKey false useTicketCache false useKeyTab false doNotPrompt false ticketCache is null KeyTab is null refreshKrb5Config is false principal is null tryFirstPass is false useFirstPass is false storePass is false clearPass is false
2006-12-06 17:34:42,220 INFO [STDOUT] [Krb5LoginModule] user entered username: carlos.delfino@CARLOSDELFINO.COM.BR
2006-12-06 17:34:42,360 INFO [examples.jaaskeberos.loginmodule.MyLoginModule] /home/projetos/java/ferramentas/jboss-versions/jboss-4.0.5.GA/data/group.properties2006-12-06 2006-12-06 17:34:42,475 DEBUG [org.jboss.remoting.transport.socket.ServerThread] begin thread wait


      and this is client erro msg: 
      Exception in thread "main" javax.ejb.EJBAccessException: Authentication failure
 at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.handleGeneralSecurityException(Ejb3AuthenticationInterceptor.java:70)
 at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:70)
 at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.invoke(Ejb3AuthenticationInterceptor.java:102)
 at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
 at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:47)
 at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
 at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106)
 at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
 at org.jboss.ejb3.stateful.StatefulContainer.dynamicInvoke(StatefulContainer.java:319)
 at org.jboss.aop.Dispatcher.invoke(Dispatcher.java:106)
 at org.jboss.aspects.remoting.AOPRemotingInvocationHandler.invoke(AOPRemotingInvocationHandler.java:82)
 at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:828)
 at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:681)
 at org.jboss.remoting.transport.socket.ServerThread.processInvocation(ServerThread.java:358)
 at org.jboss.remoting.transport.socket.ServerThread.dorun(ServerThread.java:412)
 at org.jboss.remoting.transport.socket.ServerThread.run(ServerThread.java:239)
 at org.jboss.remoting.RemoteClientInvoker.invoke(RemoteClientInvoker.java:190)
 at org.jboss.remoting.Client.invoke(Client.java:525)
 at org.jboss.remoting.Client.invoke(Client.java:488)
 at org.jboss.aspects.remoting.InvokeRemoteInterceptor.invoke(InvokeRemoteInterceptor.java:55)
 at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
 at org.jboss.aspects.tx.ClientTxPropagationInterceptor.invoke(ClientTxPropagationInterceptor.java:61)
 at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
 at org.jboss.aspects.security.SecurityClientInterceptor.invoke(SecurityClientInterceptor.java:55)
 at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
 at org.jboss.ejb3.remoting.IsLocalInterceptor.invoke(IsLocalInterceptor.java:78)
 at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
 at org.jboss.ejb3.stateful.StatefulRemoteProxy.invoke(StatefulRemoteProxy.java:133)
 at $Proxy1.echoComSeguranca_1(Unknown Source)
 at examples.jaaskerberos.JaasAcn.testaUsoDeAutorizacaoComEJB3(JaasAcn.java:152)
 at examples.jaaskerberos.JaasAcn.main(JaasAcn.java:88)
Caused by: javax.security.auth.login.LoginException: java.lang.IllegalArgumentException: EncryptionKey: Key bytes cannot be null!
 at sun.security.krb5.EncryptionKey.<init>(EncryptionKey.java:189)
 at sun.security.krb5.EncryptionKey.acquireSecretKeys(EncryptionKey.java:167)
 at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:626)
 at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:512)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 at java.lang.reflect.Method.invoke(Method.java:585)
 at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
 at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
 at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
 at java.security.AccessController.doPrivileged(Native Method)
 at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
 at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
 at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:601)
 at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:535)
 at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344)
 at org.jboss.aspects.security.AuthenticationInterceptor.authenticate(AuthenticationInterceptor.java:123)
 at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:66)
 at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.invoke(Ejb3AuthenticationInterceptor.java:102)
 at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
 at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:47)
 at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
 at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106)
 at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
 at org.jboss.ejb3.stateful.StatefulContainer.dynamicInvoke(StatefulContainer.java:319)
 at org.jboss.aop.Dispatcher.invoke(Dispatcher.java:106)
 at org.jboss.aspects.remoting.AOPRemotingInvocationHandler.invoke(AOPRemotingInvocationHandler.java:82)
 at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:828)
 at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:681)
 at org.jboss.remoting.transport.socket.ServerThread.processInvocation(ServerThread.java:358)
 at org.jboss.remoting.transport.socket.ServerThread.dorun(ServerThread.java:412)
 at org.jboss.remoting.transport.socket.ServerThread.run(ServerThread.java:239)

 at javax.security.auth.login.LoginContext.invoke(LoginContext.java:872)
 at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
 at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
 at java.security.AccessController.doPrivileged(Native Method)
 at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
 at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
 at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:601)
 at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:535)
 at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344)
 at org.jboss.aspects.security.AuthenticationInterceptor.authenticate(AuthenticationInterceptor.java:123)
 at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:66)
 at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.invoke(Ejb3AuthenticationInterceptor.java:102)
 at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
 at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:47)
 at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
 at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106)
 at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
 at org.jboss.ejb3.stateful.StatefulContainer.dynamicInvoke(StatefulContainer.java:319)
 at org.jboss.aop.Dispatcher.invoke(Dispatcher.java:106)
 at org.jboss.aspects.remoting.AOPRemotingInvocationHandler.invoke(AOPRemotingInvocationHandler.java:82)
 at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:828)
 at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:681)
 at org.jboss.remoting.transport.socket.ServerThread.processInvocation(ServerThread.java:358)
 at org.jboss.remoting.transport.socket.ServerThread.dorun(ServerThread.java:412)
 at org.jboss.remoting.transport.socket.ServerThread.run(ServerThread.java:239)


      Thanks very much!

      • 1141 Views
      • Tags: