0 Replies Latest reply on Mar 2, 2005 4:48 AM by lucaiacono

    Invalid Authentication attempt

    lucaiacono
    lucaiacono Mar 2, 2005 4:48 AM

      Hi there,

      I have been trying to connect JBoss 3.0.4 to Oracle 9.2.0.1but the AS keeps on throwing the following exception during the deploy of ejb's:
      java.lang.SecurityException: Invalid authentication attempt: principal=null.
      I'd be grateful if someone could shed some light on this.
      for your reference you shall find oracle-service.xml login-config.xml

      oracle-service.xml

      <?xml version="1.0" encoding="UTF-8"?>
<server>
 ==================================================================== -->

 <!-- ConnectionManager setup for Oracle dbs -->

 <!-- Build jmx-api (build/build.sh all) and view for config documentation -->

 <!-- Thanks to Steven Coy -->

 <!-- ==================================================================== -->

 <mbean code="org.jboss.resource.connectionmanager.LocalTxConnectionManager" name="jboss.jca:service=LocalTxCM,name=OracleDS">
 <attribute name="SecurityDomainJndiName">OracleDbRealm</attribute>
 <depends optional-attribute-name="ManagedConnectionFactoryName">
 <!--embedded mbean-->
 <mbean code="org.jboss.resource.connectionmanager.RARDeployment" name="jboss.jca:service=LocalTxDS,name=OracleDS">
 <attribute name="JndiName">EnacDS</attribute>
 <attribute name="ManagedConnectionFactoryProperties">
 <properties>
 <config-property name="ConnectionURL" type="java.lang.String">jdbc:oracle:thin:@10.0.0.107:1521:GESTELDB</config-property>
 <config-property name="DriverClass" type="java.lang.String">oracle.jdbc.driver.OracleDriver</config-property>
 <!--set these only if you want only default logins, not through JAAS -->
 <config-property name="UserName" type="java.lang.String">ENACSA</config-property>
 <config-property name="Password" type="java.lang.String">ENACSA</config-property>
 </properties>
 </attribute>
<!--Below here are advanced properties -->
 <!--hack-->
 <depends optional-attribute-name="OldRarDeployment">jboss.jca:service=RARDeployment,name=JBoss LocalTransaction JDBC Wrapper</depends>
 </mbean>
 </depends>
 <depends optional-attribute-name="ManagedConnectionPool">
 <!--embedded mbean-->
 <mbean code="org.jboss.resource.connectionmanager.JBossManagedConnectionPool" name="jboss.jca:service=LocalTxPool,name=OracleDS">
 <attribute name="MinSize">0</attribute>
 <attribute name="MaxSize">101</attribute>
 <attribute name="BlockingTimeoutMillis">5000</attribute>
 <attribute name="IdleTimeoutMinutes">5</attribute>
 <attribute name="Criteria">ByContainer</attribute>
 </mbean>
 </depends>
 <depend> optional-attribute-name="CachedConnectionManager">jboss.jca:service=CachedConnectionManager</depends>
 <depends optional-attribute-name="JaasSecurityManagerService">jboss.security:service=JaasSecurityManager</depends>
 <attribute name="TransactionManager">java:/TransactionManager</attribute>
 <!--make the rar deploy! hack till better deployment-->
 <depends>jboss.jca:service=RARDeployer</depends>
 </mbean>
</server>

      login-config.xml 
      <policy>
 <!-- Used by clients within the application server VM such as
 mbeans and servlets that access EJBs.
 -->
 <application-policy name = "client-login">
 <authentication>
 <login-module code = "org.jboss.security.ClientLoginModule"
 flag = "required">
 </login-module>
 </authentication>
 </application-policy>
 <!-- Security domain for JBossMQ -->
 <application-policy name = "jbossmq">
 <authentication>
 <login-module code = "org.jboss.mq.sm.file.DynamicLoginModule" flag = "required">
 <module-option name = "unauthenticatedIdentity">guest</module-option>
 <module-option name = "sm.objectnam">jboss.mq:service=StateManager</module-option>
 </login-module>
 </authentication>
 </application-policy>
 <!-- Security domains for testing new jca framework -->
 <application-policy name = "HsqlDbRealm">
 <authentication>
 <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"

 flag = "required">
 <module-option name = "principal">sa</module-option>
 <module-option name = "userName">sa</module-option>
 <module-option name = "password"></module-option>
 <module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=hsqldbDS</module-option>
 </login-module>
 </authentication>
 </application-policy>
 <application-policy name = "FirebirdDBRealm">
 <authentication>
 <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
 flag = "required">
 <module-option name = "principal">sysdba</module-option>
 <module-option name = "userName">sysdba</module-option>
 <module-option name = "password">masterkey</module-option>
 <module-option name = "managedConnectionFactoryName">jboss.jca:service=XaTxCM,name=FirebirdDS</module-option>
 </login-module>
 </authentication>
 </application-policy>
 <application-policy name = "JmsXARealm">
 <authentication>
 <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
 flag = "required">
 <module-option name = "principal">guest</module-option>
 <module-option name = "userName">guest</module-option>
 <module-option name = "password">guest</module-option>
 <module-option name = "managedConnectionFactoryName">jboss.jca:service=XaTxCM,name=jmsra</module-option>
 </login-module>
 </authentication>
 </application-policy>
 <application-policy name = "OracleDbRealm">
 <authentication>
 <!-- <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule" flag = "required"> -->
 <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required">
 <module-option name = "dsJndiName">java:/EnacDS</module-option>
 <module-option name = "principalsQuery">select PWD from ACCOUNT where USERNAME=? And ISELIMINATO = FALSE</module-option>
 <module-option name = "rolesQuery">select PROFILO, PROFILO from ACCOUNT where USERNAME=?</module-option>
 <module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=OracleDS</module-option>
 </login-module>
 </authentication>
 </application-policy>
 <!-- The default login configuration used by any security domain that
 does not have a application-policy entry with a matching name
 -->
 <application-policy name = "other">
 <authentication>
 <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
 flag = "required" />
 </authentication>
 </application-policy>
 </policy>

      and just the beginning of bosscmp-jdbc.xml 
      <jbosscmp-jdbc>
 <defaults>
 <datasource>java:/EnacDS</datasource>
 <datasource-mapping>Oracle8</datasource-mapping>
 <create-table>true</create-table>
 <remove-table>false</remove-table>
 <read-only>false</read-only>
 <pk-constraint>true</pk-constraint>
 <preferred-relation-mapping>foreign-key</preferred-relation-mapping>
 <read-ahead>
 <strategy>on-load</strategy>
 <page-size>253</page-size>
 <eager-load-group>*</eager-load-group>
 </read-ahead>
 <!-- <list-cache-max>1000</list-cache-max> -->
 </defaults>
 <enterprise-beans>
,,,

      here is the exception:

      2005-03-01 15:25:37,360 WARN [org.jboss.system.ServiceController] Problem starting service jboss.j2ee:jndiName=Recapito,service=EJB
      java.lang.SecurityException: Invalid authentication attempt, principal=null

      your help will be much appreciated.
      thanks
      luca

      • 2884 Views
      • Tags: