0 Replies Latest reply on Feb 8, 2007 2:57 PM by ajbenson

    No LoginModules configured for jmx-console

    ajbenson

      I tried to secure the web-console as described in the Wiki (http://wiki.jboss.org/wiki/Wiki.jsp?page=SecureTheJmxConsole) by uncommenting the security relevant elements in web.xml and jboss-web.xml.

      I am getting the following error in server.log:

      2007-02-08 13:31:55,011 DEBUG [http-0.0.0.0-8443-Processor4] [org.jboss.security.plugins.JaasSecurityManager.jmx-console] Login failure
      javax.security.auth.login.LoginException: No LoginModules configured for jmx-console
       at javax.security.auth.login.LoginContext.init(LoginContext.java:189)
       at javax.security.auth.login.LoginContext.<init>(LoginContext.java:350)
       at javax.security.auth.login.LoginContext.<init>(LoginContext.java:465)
       at org.jboss.security.plugins.SubjectActions$LoginContextAction.run(SubjectActions.java:91)
       at java.security.AccessController.doPrivileged(Native Method)
       at org.jboss.security.plugins.SubjectActions.createLoginContext(SubjectActions.java:129)
       at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:475) at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:430) at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:246)
       at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:221)
       at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.authenticate(JBossSecurityMgrRealm.java:337)
       at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:129)
       at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504)
       at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
       at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
       at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)
       at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
       at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
       at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
       at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:535)
       at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
       at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
       at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
       at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
       at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
       at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929)
       at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)
       at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799)
       at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:705)
       at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577)
       at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)
       at java.lang.Thread.run(Thread.java:534)
      


      Here is the relevant section of my web.xml:
       <security-constraint>
       <web-resource-collection>
       <web-resource-name>HtmlAdaptor</web-resource-name>
       <description>An example security config that only allows users with the
       role JBossAdmin to access the HTML JMX console web application
       </description>
       <url-pattern>/*</url-pattern>
       <http-method>GET</http-method>
       <http-method>POST</http-method>
       </web-resource-collection>
       <auth-constraint>
       <role-name>JBossAdmin</role-name>
       </auth-constraint>
       </security-constraint>
      
       <login-config>
       <auth-method>BASIC</auth-method>
       <realm-name>JBoss JMX Console</realm-name>
       </login-config>
      
       <security-role>
       <role-name>JBossAdmin</role-name>
       </security-role>
      


      In jboss-web.xml:
      <security-domain>java:/jaas/jmx-console</security-domain>
      


      In login-config.xml:
      <application-policy name = "jmx-console">
       <authentication>
       <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
       flag = "required" />
       <module-option name="usersProperties">users.properties</module-option>
       <module-option name="rolesProperties">roles.properties</module-option>
       </login-module>
       </authentication>
       </application-policy>
      


      I am running JBoss 3.2.5 on Solaris 9.

      Thanks for any help anyone can provide.