2 Replies Latest reply on Dec 22, 2004 2:56 PM by ricardoarguello

    Problems with CallerIdentityLoginModule

    rrhodes

      I am trying to setup the CallerIdentityLoginModule to use with the JCA adapter for jakarta slide. I tested the ConfiguredIdentityLoginModule first, and that worked fine, but I keep getting a SecurityException when I switch to CallerIdentity.

      I am using Slide as my user store, and I use a SlideLoginModule to authenticate the web applications. I want to then have the current logged-in user and credentials used whenever a JCA connection is created. I have verified that I am getting the correct principals from the SlideLoginModule.

      I'm including here the error log and the login config.

      Here is my login-config.xml. The configured identity is commented out.


      <application-policy name = "myecaddyRealm">

      <login-module code="com.greenmud.auth.SlideLoginModule" flag="required">
      <module-option name="namespace">slide</module-option>
      </login-module>

      </application-policy>

      <application-policy name = "webdavRealm">

      <login-module code = "org.jboss.resource.security.CallerIdentityLoginModule" flag = "required">
      <module-option name = "userName">root</module-option>
      <module-option name = "password">root</module-option>
      <module-option name = "managedConnectionFactoryName">jboss.jca:service=TxCM,name=WebDAV-Connector</module-option>
      </login-module>

      </application-policy>

      <!--
      <application-policy name = "webdavRealm">

      <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule" flag = "required">
      <module-option name = "principal">john</module-option>
      <module-option name = "userName">john</module-option>
      <module-option name = "password">john</module-option>
      <module-option name = "managedConnectionFactoryName">jboss.jca:service=TxCM,name=WebDAV-Connector</module-option>
      </login-module>

      </application-policy>
      -->




      Here is the error log:
      java.lang.SecurityException: Invalid authentication attempt, principal=john
      at org.jboss.resource.connectionmanager.BaseConnectionManager2.getSubject(BaseConnectionManager2.java:666)
      at org.jboss.resource.connectionmanager.BaseConnectionManager2.allocateConnection(BaseConnectionManager2.java:495)
      at org.jboss.resource.connectionmanager.BaseConnectionManager2$ConnectionManagerProxy.allocateConnection(BaseConnectionManager2.java:887)
      at org.apache.webdav.connector.WebDAVConnectionFactory.getConnection(WebDAVConnectionFactory.java:56)
      at org.apache.jsp.protected_.davtest_jsp._jspService(davtest_jsp.java:66)
      at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:94)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
      at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:324)
      at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:292)
      at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:236)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:237)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157)
      at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:75)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:186)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157)
      at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:214)
      at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
      at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
      at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:198)
      at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:152)
      at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
      at org.jboss.web.tomcat.security.CustomPrincipalValve.invoke(CustomPrincipalValve.java:66)
      at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
      at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:158)
      at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
      at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:540)
      at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
      at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)
      at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118)
      at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
      at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
      at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
      at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
      at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929)
      at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)
      at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799)
      at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:705)
      at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577)
      at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)
      at java.lang.Thread.run(Thread.java:595)


      Thanks for any help
      -Ryan Rhodes