8 Replies Latest reply on Oct 8, 2008 11:49 AM by craig1980

    Invoke secured EJB from standalone Tomcat

    craig1980

      Hi all.
      I have this envronment:


      Jboss 4.0.5GA on a server with IP address xxx.xxx.xxx.xxx
      Tomcat 5.5 on a server with IP address xxx.xxx.xxx.yyy
      Liferay 5.1.1 on tomcat
      EJBs 2.0


      I need to invoke EJB's from a portlet deploied in tomcat. These EJBs are secured; that is user needs to have a role for calling EJBs methods.
      I have configured my portlet for connecting to Jboss by using this jndi.properties:
      java.naming.provider.url=xxx.xxx.xxx.xxx:1099
      java.naming.factory.initial=org.jnp.interfaces.NamingContextFactory
      java.naming.factory.url.pkgs=org.jnp.interfaces
      


      When i try to call the EJB i have this error:
      2008-09-30 13:17:04,593 ERROR [de.danet.an.workflow.ejbs.client.StandardWorkflowServiceFactory] SecurityException; nested exception is:
       javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
      java.rmi.AccessException: SecurityException; nested exception is:
       javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
       at org.jboss.ejb.plugins.LogInterceptor.handleException(LogInterceptor.java:388)
       at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:136)
       at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyFactoryFinderInterceptor.java:107)
       at org.jboss.ejb.SessionContainer.internalInvokeHome(SessionContainer.java:637)
       at org.jboss.ejb.Container.invoke(Container.java:975)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
      


      I think it's becouse i need to be logged on JBoss too; how can i configure my tomcat/jboss for calling these ejbs?

      Any suggestion is welcome.
      Thnx.

        • 1. Re: Invoke secured EJB from standalone Tomcat
          ragavgomatam

          You will have to pass in the user_id and credentials in jndi while attempting to call the secured ejb

          • 2. Re: Invoke secured EJB from standalone Tomcat
            craig1980

            Hi.
            I have tried by using this environment for my JNDI Lookup (for now i have used fixed credentials but it's more important the result forme):

            java.naming.provider.url=jnp://xxx.xxx.xxx.xxx:1099,
            java.naming.factory.initial=org.jnp.interfaces.NamingContextFactory,
            java.naming.security.principal=username,
            java.naming.factory.url.pkgs=org.jnp.interfaces,
            java.naming.security.credentials=password
            


            The error on the client is the same.

            On the server (My Jboss server) by eneabling the security log i have this stack trace:

            
            2008-09-30 18:45:19,468 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin getAppConfigurationEntry(wfdemopluto), size=8
            2008-09-30 18:45:19,468 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] getAppConfigurationEntry(wfdemopluto), no entry in appConfigs, tyring parentCont: null
            2008-09-30 18:45:19,468 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] getAppConfigurationEntry(wfdemopluto), no entry in parentConfig, trying: other
            2008-09-30 18:45:19,468 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End getAppConfigurationEntry(wfdemopluto), authInfo=AppConfigurationEntry[]:
            [0]
            LoginModule Class: org.jboss.security.auth.spi.UsersRolesLoginModule
            ControlFlag: LoginModuleControlFlag: required
            Options:
            2008-09-30 18:45:19,468 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] initialize, instance=@21756776
            2008-09-30 18:45:19,468 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Security domain: other
            2008-09-30 18:45:19,468 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] findResource: null
            2008-09-30 18:45:19,468 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Properties file=file:/C:/jboss-4.0.5.GA/server/default/conf/users.properties, defaults=null
            2008-09-30 18:45:19,468 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Loaded properties, users=[ML, root, ang, operatore, Admin, operatoreCartografico, angpippo, cost]
            2008-09-30 18:45:19,468 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] findResource: null
            2008-09-30 18:45:19,468 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Properties file=file:/C:/jboss-4.0.5.GA/server/default/conf/roles.properties, defaults=null
            2008-09-30 18:45:19,468 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Loaded properties, users=[ML, root, ang, operatore, Admin, operatoreCartografico, angpippo, cost]
            2008-09-30 18:45:19,468 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] login
            2008-09-30 18:45:19,468 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Authenticating as unauthenticatedIdentity=null
            2008-09-30 18:45:19,468 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Bad password for username=null
            2008-09-30 18:45:19,468 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] abort
            2008-09-30 18:45:19,468 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Login failure
            javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
             at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:213)
             at org.jboss.security.auth.spi.UsersRolesLoginModule.login(UsersRolesLoginModule.java:152)
             at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
             at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
             at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
             at java.lang.reflect.Method.invoke(Method.java:585)
             at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
             at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
             at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
             at java.security.AccessController.doPrivileged(Native Method)
             at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
             at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
             at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:601)
             at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:535)
             at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344)
             at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:211)
             at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:135)
             at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:132)
             at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyFactoryFinderInterceptor.java:107)
             at org.jboss.ejb.SessionContainer.internalInvokeHome(SessionContainer.java:637)
             at org.jboss.ejb.Container.invoke(Container.java:975)
             at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
             at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
             at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
             at java.lang.reflect.Method.invoke(Method.java:585)
             at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
             at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
             at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
             at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
             at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
             at org.jboss.invocation.jrmp.server.JRMPInvoker$MBeanServerAction.invoke(JRMPInvoker.java:819)
             at org.jboss.invocation.jrmp.server.JRMPInvoker.invoke(JRMPInvoker.java:420)
             at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
             at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
             at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
             at java.lang.reflect.Method.invoke(Method.java:585)
             at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:294)
             at sun.rmi.transport.Transport$1.run(Transport.java:153)
             at java.security.AccessController.doPrivileged(Native Method)
             at sun.rmi.transport.Transport.serviceCall(Transport.java:149)
             at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:466)
             at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:707)
             at java.lang.Thread.run(Thread.java:595)
            2008-09-30 18:45:19,468 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End isValid, false
            2008-09-30 18:45:20,437 DEBUG [org.apache.catalina.session.ManagerBase] Start expire sessions StandardManager at 1222793120437 sessioncount 0
            2008-09-30 18:45:20,437 DEBUG [org.apache.catalina.session.ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0
            2008-09-30 18:45:20,437 DEBUG [org.apache.catalina.session.ManagerBase] Start expire sessions StandardManager at 1222793120437 sessioncount 0
            2008-09-30 18:45:20,437 DEBUG [org.apache.catalina.session.ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0
            2008-09-30 18:45:20,437 DEBUG [org.apache.catalina.session.ManagerBase] Start expire sessions StandardManager at 1222793120437 sessioncount 0
            2008-09-30 18:45:20,437 DEBUG [org.apache.catalina.session.ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0
            2008-09-30 18:45:20,437 DEBUG [org.apache.catalina.session.ManagerBase] Start expire sessions StandardManager at 1222793120437 sessioncount 0
            2008-09-30 18:45:20,437 DEBUG [org.apache.catalina.session.ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0
            2008-09-30 18:45:20,437 DEBUG [org.apache.catalina.session.ManagerBase] Start expire sessions StandardManager at 1222793120437 sessioncount 0
            2008-09-30 18:45:20,437 DEBUG [org.apache.catalina.session.ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0
            


            It seems as on JBoss side the Principal is null.
            Now my auth.conf for my web client configuration is this one:

            
            PortalRealm {
             com.liferay.portal.kernel.security.jaas.PortalLoginModule required;
             org.jboss.security.ClientLoginModule required;
            };
            
            


            I must use both PortalLoginModule and ClientLoginModule (this last one is usefull for JBoss, infact by a simple java client i'm able in invocking my EJB)

            I don't understand where i'm missing myself.

            Any suggestion more pls?

            Thnx to all

            • 3. Re: Invoke secured EJB from standalone Tomcat
              ragavgomatam

              check this out...

              2008-09-30 18:45:19,468 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Bad password for u
              sername=null
              2008-09-30 18:45:19,468 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] abort
              2008-09-30 18:45:19,468 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Login fai
              lure
              javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required


              Also check the property file

              2008-09-30 18:45:19,468 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Properties file=fi
              le:/C:/jboss-4.0.5.GA/server/default/conf/users.properties, defaults=null


              • 4. Re: Invoke secured EJB from standalone Tomcat
                craig1980

                Hi.
                First of all thnx for you help.
                I'm trying to understand what happens.
                I have created a simple Java class who calls my secured EJB; i have added under my class-path all the client jars needed (jbossall-client.jar) and i creted my jaas.config file in this way:

                danetworkflow {
                org.jboss.security.ClientLoginModule required;
                };
                


                I can successfull invoke my secured EJB; from the log i have:
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin isValid, principal:ML, cache info: null
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] defaultLogin, principal=ML
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin getAppConfigurationEntry(wfdemopluto), size=11
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] getAppConfigurationEntry(wfdemopluto), no entry in appConfigs, tyring parentCont: null
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] getAppConfigurationEntry(wfdemopluto), no entry in parentConfig, trying: other
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End getAppConfigurationEntry(wfdemopluto), authInfo=AppConfigurationEntry[]:
                [0]
                LoginModule Class: org.jboss.security.auth.spi.UsersRolesLoginModule
                ControlFlag: LoginModuleControlFlag: required
                Options:
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] initialize, instance=@32141780
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] findResource: null
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Properties file=file:/C:/Programmi/jboss-4.0.4.GA/server/default/conf/users.properties, defaults=null
                2008-10-02 18:49:05,484 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Loaded properties, users=[ML, root, ang, Admin, angpippo, cost]
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] findResource: null
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Properties file=file:/C:/Programmi/jboss-4.0.4.GA/server/default/conf/roles.properties, defaults=null
                2008-10-02 18:49:05,484 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Loaded properties, users=[ML, root, ang, Admin, angpippo, cost]
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] login
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] User 'ML' authenticated, loginOk=true
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] commit, loginOk=true
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Checking user: ML, roles string: WfMOpenAdmin
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Adding to Roles: WfMOpenAdmin
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Checking user: root, roles string: WfMOpenAdmin
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Checking user: ang, roles string: WfMOpenAdmin,CMS_CE_ADMIN,CMS_CE_APP
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Checking user: Admin, roles string: WfMOpenAdmin
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Checking user: angpippo, roles string: WfMOpenAdmin
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Checking user: cost, roles string: WfMOpenAdmin,CMS_CE_ADMIN,CMS_CE_PUB
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] defaultLogin, lc=javax.security.auth.login.LoginContext@d73c3c, subject=Subject(11767226).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin))
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] updateCache, inputSubject=Subject(11767226).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)), cacheSubject=Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin))
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Inserted cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640]
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End isValid, true
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject:
                 Principal: ML
                 Principal: Roles(members:WfMOpenAdmin)
                , sc=org.jboss.security.SecurityAssociation$SubjectContext@7262b6{principal=ML,subject=28233541}
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext@7262b6{principal=ML,subject=28233541}
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] doesUserHaveRole(Set), subject: Subject:
                 Principal: ML
                 Principal: Roles(members:WfMOpenAdmin)
                
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] roles=Roles(members:WfMOpenAdmin)
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole(WfMOpenAdmin)=true
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole=true
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=null
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=null
                2008-10-02 18:49:05,484 TRACE [org.jboss.security.SecurityAssociation] popSubjectContext, sc=org.jboss.security.SecurityAssociation$SubjectContext@7262b6{principal=ML,subject=28233541}
                2008-10-02 18:49:05,515 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin isValid, principal:ML, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640]
                2008-10-02 18:49:05,515 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin validateCache, info=org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640];credential.class=[C@9744710
                2008-10-02 18:49:05,515 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End validateCache, isValid=true
                2008-10-02 18:49:05,515 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End isValid, true
                2008-10-02 18:49:05,515 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject:
                 Principal: ML
                 Principal: Roles(members:WfMOpenAdmin)
                , sc=org.jboss.security.SecurityAssociation$SubjectContext@17b5179{principal=ML,subject=19003734}
                2008-10-02 18:49:05,515 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext@17b5179{principal=ML,subject=19003734}
                2008-10-02 18:49:05,515 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] doesUserHaveRole(Set), subject: Subject:
                 Principal: ML
                 Principal: Roles(members:WfMOpenAdmin)
                
                2008-10-02 18:49:05,515 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] roles=Roles(members:WfMOpenAdmin)
                2008-10-02 18:49:05,515 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole(WfMOpenAdmin)=true
                2008-10-02 18:49:05,515 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole=true
                2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=null
                2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] getCallerPrincipal, principal=ML
                2008-10-02 18:49:05,531 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] getPrincipal, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640]
                2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] getPrincipal, principal=ML
                2008-10-02 18:49:05,531 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin isValid, principal:ML, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640]
                2008-10-02 18:49:05,531 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin validateCache, info=org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640];credential.class=[C@9744710
                2008-10-02 18:49:05,531 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End validateCache, isValid=true
                2008-10-02 18:49:05,531 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End isValid, true
                2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject:
                 Principal: ML
                 Principal: Roles(members:WfMOpenAdmin)
                , sc=org.jboss.security.SecurityAssociation$SubjectContext@178b0f9{principal=ML,subject=11188351}
                2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext@178b0f9{principal=ML,subject=11188351}
                2008-10-02 18:49:05,531 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] doesUserHaveRole(Set), subject: Subject:
                 Principal: ML
                 Principal: Roles(members:WfMOpenAdmin)
                
                2008-10-02 18:49:05,531 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] roles=Roles(members:WfMOpenAdmin)
                2008-10-02 18:49:05,531 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole(WfMOpenAdmin)=true
                2008-10-02 18:49:05,531 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole=true
                2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=null
                2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=null
                2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] popSubjectContext, sc=org.jboss.security.SecurityAssociation$SubjectContext@178b0f9{principal=ML,subject=11188351}
                2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=null
                2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] popSubjectContext, sc=org.jboss.security.SecurityAssociation$SubjectContext@17b5179{principal=ML,subject=19003734}
                2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin isValid, principal:ML, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640]
                2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin validateCache, info=org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640];credential.class=[C@9744710
                2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End validateCache, isValid=true
                2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End isValid, true
                2008-10-02 18:49:05,562 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject:
                 Principal: ML
                 Principal: Roles(members:WfMOpenAdmin)
                , sc=org.jboss.security.SecurityAssociation$SubjectContext@1412c18{principal=ML,subject=28696941}
                2008-10-02 18:49:05,562 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext@1412c18{principal=ML,subject=28696941}
                2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] doesUserHaveRole(Set), subject: Subject:
                 Principal: ML
                 Principal: Roles(members:WfMOpenAdmin)
                
                2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] roles=Roles(members:WfMOpenAdmin)
                2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole(WfMOpenAdmin)=true
                2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole=true
                2008-10-02 18:49:05,562 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=null
                2008-10-02 18:49:05,562 TRACE [org.jboss.security.SecurityAssociation] getCallerPrincipal, principal=ML
                2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] getPrincipal, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640]
                2008-10-02 18:49:05,562 TRACE [org.jboss.security.SecurityAssociation] getPrincipal, principal=ML
                2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin isValid, principal:ML, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640]
                2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin validateCache, info=org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640];credential.class=[C@9744710
                2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End validateCache, isValid=true
                2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End isValid, true
                2008-10-02 18:49:05,562 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject:
                 Principal: ML
                 Principal: Roles(members:WfMOpenAdmin)
                , sc=org.jboss.security.SecurityAssociation$SubjectContext@1e2ee3f{principal=ML,subject=25659337}
                2008-10-02 18:49:05,562 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext@1e2ee3f{principal=ML,subject=25659337}
                2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] doesUserHaveRole(Set), subject: Subject:
                 Principal: ML
                 Principal: Roles(members:WfMOpenAdmin)
                
                2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] roles=Roles(members:WfMOpenAdmin)
                2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole(WfMOpenAdmin)=true
                2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole=true
                2008-10-02 18:49:05,562 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=[roles=[WfMOpenAdmin],principal=anonymous]
                2008-10-02 18:49:06,406 TRACE [org.jboss.security.SecurityAssociation] getCallerPrincipal, principal=ML
                2008-10-02 18:49:06,406 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] getPrincipal, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640]
                2008-10-02 18:49:06,953 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=[roles=[WfMOpenAdmin],principal=anonymous]
                2008-10-02 18:49:06,953 TRACE [org.jboss.security.SecurityAssociation] popSubjectContext, sc=org.jboss.security.SecurityAssociation$SubjectContext@1e2ee3f{principal=ML,subject=25659337}
                2008-10-02 18:49:06,953 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=null
                2008-10-02 18:49:06,953 TRACE [org.jboss.security.SecurityAssociation] popSubjectContext, sc=org.jboss.security.SecurityAssociation$SubjectContext@1412c18{principal=ML,subject=28696941}
                2008-10-02 18:49:07,015 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin isValid, principal:ML, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640]
                2008-10-02 18:49:07,015 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin validateCache, info=org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640];credential.class=[C@9744710
                2008-10-02 18:49:07,015 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End validateCache, isValid=true
                2008-10-02 18:49:07,015 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End isValid, true
                2008-10-02 18:49:07,015 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject:
                 Principal: ML
                 Principal: Roles(members:WfMOpenAdmin)
                , sc=org.jboss.security.SecurityAssociation$SubjectContext@1f1e0e0{principal=ML,subject=14864555}
                2008-10-02 18:49:07,015 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext@1f1e0e0{principal=ML,subject=14864555}
                2008-10-02 18:49:07,015 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] doesUserHaveRole(Set), subject: Subject:
                 Principal: ML
                 Principal: Roles(members:WfMOpenAdmin)
                
                2008-10-02 18:49:07,015 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] roles=Roles(members:WfMOpenAdmin)
                2008-10-02 18:49:07,015 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole(WfMOpenAdmin)=true
                2008-10-02 18:49:07,015 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole=true
                2008-10-02 18:49:07,015 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=[roles=[WfMOpenAdmin],principal=anonymous]
                2008-10-02 18:49:07,015 TRACE [org.jboss.security.SecurityAssociation] getCallerPrincipal, principal=ML
                2008-10-02 18:49:07,015 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] getPrincipal, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640]
                2008-10-02 18:49:07,187 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=[roles=[WfMOpenAdmin],principal=anonymous]
                2008-10-02 18:49:07,187 TRACE [org.jboss.security.SecurityAssociation] popSubjectContext, sc=org.jboss.security.SecurityAssociation$SubjectContext@1f1e0e0{principal=ML,subject=14864555}
                2008-10-02 18:49:07,187 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin isValid, principal:ML, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640]
                2008-10-02 18:49:07,187 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin validateCache, info=org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640];credential.class=[C@9744710
                2008-10-02 18:49:07,187 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End validateCache, isValid=true
                2008-10-02 18:49:07,187 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End isValid, true
                2008-10-02 18:49:07,187 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject:
                 Principal: ML
                 Principal: Roles(members:WfMOpenAdmin)
                , sc=org.jboss.security.SecurityAssociation$SubjectContext@1291479{principal=ML,subject=33507544}
                2008-10-02 18:49:07,187 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext@1291479{principal=ML,subject=33507544}
                2008-10-02 18:49:07,187 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] doesUserHaveRole(Set), subject: Subject:
                 Principal: ML
                 Principal: Roles(members:WfMOpenAdmin)
                
                2008-10-02 18:49:07,187 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] roles=Roles(members:WfMOpenAdmin)
                2008-10-02 18:49:07,187 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole(WfMOpenAdmin)=true
                2008-10-02 18:49:07,187 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole=true
                2008-10-02 18:49:07,187 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=[roles=[WfMOpenAdmin],principal=anonymous]
                2008-10-02 18:49:07,187 TRACE [org.jboss.security.SecurityAssociation] getCallerPrincipal, principal=ML
                2008-10-02 18:49:07,187 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] getPrincipal, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640]
                2008-10-02 18:49:07,203 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=[roles=[WfMOpenAdmin],principal=anonymous]
                2008-10-02 18:49:07,203 TRACE [org.jboss.security.SecurityAssociation] popSubjectContext, sc=org.jboss.security.SecurityAssociation$SubjectContext@1291479{principal=ML,subject=33507544}
                2008-10-02 18:49:07,203 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin isValid, principal:ML, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640]
                2008-10-02 18:49:07,203 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin validateCache, info=org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640];credential.class=[C@9744710
                2008-10-02 18:49:07,203 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End validateCache, isValid=true
                2008-10-02 18:49:07,203 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End isValid, true
                2008-10-02 18:49:07,203 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject:
                 Principal: ML
                 Principal: Roles(members:WfMOpenAdmin)
                , sc=org.jboss.security.SecurityAssociation$SubjectContext@54919e{principal=ML,subject=2373615}
                2008-10-02 18:49:07,203 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext@54919e{principal=ML,subject=2373615}
                2008-10-02 18:49:07,203 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] doesUserHaveRole(Set), subject: Subject:
                 Principal: ML
                 Principal: Roles(members:WfMOpenAdmin)
                
                2008-10-02 18:49:07,203 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] roles=Roles(members:WfMOpenAdmin)
                2008-10-02 18:49:07,203 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole(WfMOpenAdmin)=true
                2008-10-02 18:49:07,203 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole=true
                2008-10-02 18:49:07,203 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=[roles=[WfMOpenAdmin],principal=anonymous]
                2008-10-02 18:49:07,203 TRACE [org.jboss.security.SecurityAssociation] getCallerPrincipal, principal=ML
                2008-10-02 18:49:07,203 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] getPrincipal, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640]
                2008-10-02 18:49:07,234 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=[roles=[WfMOpenAdmin],principal=anonymous]
                2008-10-02 18:49:07,234 TRACE [org.jboss.security.SecurityAssociation] popSubjectContext, sc=org.jboss.security.SecurityAssociation$SubjectContext@54919e{principal=ML,subject=2373615}
                2008-10-02 18:49:23,859 DEBUG [org.apache.catalina.session.ManagerBase] Start expire sessions StandardManager at 1222966163859 sessioncount 0
                20
                


                Now i have my web application (liferay portal) who has this jaas.config:

                PortalRealm {
                 com.liferay.portal.kernel.security.jaas.PortalLoginModule required;
                };
                


                I have added the jboss login module too; so the new jaas.config file is:

                PortalRealm {
                 com.liferay.portal.kernel.security.jaas.PortalLoginModule required;
                 org.jboss.security.ClientLoginModule required;
                };
                


                But i'm not able to understand why i can't invole my EJB. The error log is:

                2008-10-02 18:45:02,671 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin isValid, principal:null, cache info: null
                2008-10-02 18:45:02,671 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] defaultLogin, principal=null
                2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin getAppConfigurationEntry(wfdemopluto), size=11
                2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] getAppConfigurationEntry(wfdemopluto), no entry in appConfigs, tyring parentCont: null
                2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] getAppConfigurationEntry(wfdemopluto), no entry in parentConfig, trying: other
                2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End getAppConfigurationEntry(wfdemopluto), authInfo=AppConfigurationEntry[]:
                [0]
                LoginModule Class: org.jboss.security.auth.spi.UsersRolesLoginModule
                ControlFlag: LoginModuleControlFlag: required
                Options:
                2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] initialize, instance=@27700281
                2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] findResource: null
                2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Properties file=file:/C:/Programmi/jboss-4.0.4.GA/server/default/conf/users.properties, defaults=null
                2008-10-02 18:45:02,671 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Loaded properties, users=[ML, root, ang, Admin, angpippo, cost]
                2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] findResource: null
                2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Properties file=file:/C:/Programmi/jboss-4.0.4.GA/server/default/conf/roles.properties, defaults=null
                2008-10-02 18:45:02,671 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Loaded properties, users=[ML, root, ang, Admin, angpippo, cost]
                2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] login
                2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Authenticating as unauthenticatedIdentity=null
                2008-10-02 18:45:02,671 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Bad password for username=null
                2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] abort
                2008-10-02 18:45:02,671 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Login failure
                javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
                 at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:213)
                 at org.jboss.security.auth.spi.UsersRolesLoginModule.login(UsersRolesLoginModule.java:152)
                 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
                 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
                 at java.lang.reflect.Method.invoke(Method.java:585)
                 at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
                 at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
                 at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
                 at java.security.AccessController.doPrivileged(Native Method)
                 at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
                 at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
                 at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:601)
                 at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:535)
                 at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344)
                 at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:211)
                 at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:135)
                 at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:132)
                 at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyFactoryFinderInterceptor.java:107)
                 at org.jboss.ejb.SessionContainer.internalInvokeHome(SessionContainer.java:637)
                 at org.jboss.ejb.Container.invoke(Container.java:975)
                 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
                 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
                 at java.lang.reflect.Method.invoke(Method.java:585)
                 at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
                 at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
                 at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
                 at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
                 at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
                 at org.jboss.invocation.jrmp.server.JRMPInvoker$MBeanServerAction.invoke(JRMPInvoker.java:819)
                 at org.jboss.invocation.jrmp.server.JRMPInvoker.invoke(JRMPInvoker.java:420)
                 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
                 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
                 at java.lang.reflect.Method.invoke(Method.java:585)
                 at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:294)
                 at sun.rmi.transport.Transport$1.run(Transport.java:153)
                 at java.security.AccessController.doPrivileged(Native Method)
                 at sun.rmi.transport.Transport.serviceCall(Transport.java:149)
                 at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:466)
                 at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:707)
                 at java.lang.Thread.run(Thread.java:595)
                2008-10-02 18:45:02,718 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End isValid, false
                


                I can't understand why principal is not propagated to Jboss layer.
                I do these steps:

                I log to the portal
                I arrive to my page
                I try to invoke my ejb


                I really can't understand where i'm losign something..
                Can anybod help me pls?

                Thnx

                Angelo.

                • 5. Re: Invoke secured EJB from standalone Tomcat
                  jaikiran

                  For web application, you will have to add the loginmodule to the %JBOSS_HOME%/server/< serverName>/conf/login-config.xml file. That file already has some example login-modules. Add your loginmodule(s) there.

                  • 6. Re: Invoke secured EJB from standalone Tomcat
                    craig1980

                    Hi.
                    Thnx for the reply.

                    My web application is on a stand alone Tomcat not in JBoss AS.

                    So i need to configure Tomcat for the login module.

                    I must understand what i'm missing.

                    Any suggestion?

                    Thanx.
                    Angelo.

                    • 7. Re: Invoke secured EJB from standalone Tomcat
                      ragavgomatam

                      Let me try to understand your configuration. You have a standalone
                      Tomcat that hosts a portal application. In this application, you have a java class that calls a ejb in another standalone jboss. Am I correct so far ? If that is the case, then your call from Tomcat to Jboss ejb should be no
                      different from a regular java class calling a secured ejb through jaas login.

                      • 8. Re: Invoke secured EJB from standalone Tomcat
                        craig1980

                        Hi.
                        Sorry for beeing late in answering you.
                        Yes you got the right configuration.
                        I solved it. How it works.

                        Well...like when you are wrong in parking a car.....restart form beginning.
                        I have restarted from beginning by being carefully in configuring all the servers (both the stand alone tomcat and the stand alone JBoss) by using JAAS
                        I have been carefull in configuring Liferay for using JAAS.

                        Now it works.
                        Maybe before i did some error. Thnx to all you for your help.

                        Regards.
                        Angelo