-
1. Re: unable to find LoginModule class
Where have you placed the com.jpagera.login.JPageraLoginModul class?
-
2. Re: unable to find LoginModule class
it is in my login module jar file that exist in the server lib
-
3. Re: unable to find LoginModule class
Can you post the output of the following (run this at the command prompt, from the folder which has your jar file):
jar -tf myloginjarfilename.jar
Replace myloginjarfilename with the appropriate jar file name in the above command -
4. Re: unable to find LoginModule class
Hi friend
thankx vr muh 4 ur hlp
the problem was im using 2 copy of JBoss and i used the one who dont has my login module jar file
i just forgot to chang th JBOSS_HOME...........
but i faced another exception
i run JSF page the code here run oky and the login succed
...............................
String securityDomain = "JPassivateSecurityDomain";
CallbackHandler callbackHandler =
new JPageraCallbackHandler("name","pass");
LoginContext lc =
new LoginContext( securityDomain,
callbackHandler );
lc.login();
......................................................
but when i tried to lookup Session it didnt get me exception
like that
...................................................
Properties pro = new Properties();
pro.put(Context.INITIAL_CONTEXT_FACTORY,"org.jnp.interfaces.NamingContextFactory");
pro.put(Context.URL_PKG_PREFIXES,"org.jboss.naming:org.jnp.interfaces");
pro.put(Context.PROVIDER_URL,"jnp://jpagera:1099");
pro.put(Context.SECURITY_PRINCIPAL,"name");
pro.put(Context.SECURITY_CREDENTIALS,"pass");
try {
final Context context = new InitialContext(pro);
session = context.lookup(sessionName);
} catch (Exception ex) {
ex.printStackTrace();
}
......................................................
but when im tryin to use the Session it gave these exceptions
session.callMethod();
Exception ...
javax.ejb.EJBAccessException: Authentication failure
at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.handleGeneralSe
curityException(Ejb3AuthenticationInterceptor.java:70)
at org.jboss.aspects.security.AuthenticationInterceptor.invoke(Authentic
ationInterceptor.java:70)
at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.invoke(Ejb3Auth
enticationInterceptor.java:102)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.
java:101)
at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterce
ptor.java:47)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.
java:101)
at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(Asynchrono
usInterceptor.java:106)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.
java:101)
at org.jboss.ejb3.stateless.StatelessContainer.dynamicInvoke(StatelessCo
ntainer.java:263)
at org.jboss.ejb3.remoting.IsLocalInterceptor.invoke(IsLocalInterceptor.
java:58)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.
java:101)
at org.jboss.ejb3.stateless.StatelessRemoteProxy.invoke(StatelessRemoteP
roxy.java:102)
at $Proxy100.findAllUserTab(Unknown Source)
...........................................................
i dont know where is the problem did my lookedup correctly ???
in OC4J
when using Custom login module u should gave the RMI lookup specefic ROLE
that every user lookingup any Session ( by using my custom login module ) he must has that Role ............
its like that ..................<grant> <grantee> <principals> <principal> <class>com.jpagera.login.JPageraPrincipal</class> <name>JPageraAdminRole</name> </principal> </principals> </grantee> <permissions> <permission> <class>com.evermind.server.rmi.RMIPermission</class> <name>login</name> </permission> </permissions> </grant>
In %OC4J_HOME%\j2ee\home\config\system-jazn-data.xml
all my user must has this ROLE ( JPageraAdminRole )
it just give him the permission to using RMI to lookup Sessions
....................................
is there anything like that in JBoss ..
( should i gave my Users some kind of role to enable them to lookingup an Session )
and Tnk u vy muh 4 hlp -
-
6. Re: unable to find LoginModule class
At this point, we need some more information:
1) Which version of JBoss are you using?
2) Are you using EJB3 or EJB2.x?
3) Is there any security restrictions on those EJBs? If yes, then which roles are allowed to access the methods?
4) The TRACE level logs of JBoss security package which you will find in server.log , starting from the point where you called lc.login(). See Q4
at http://wiki.jboss.org/wiki/Wiki.jsp?page=SecurityFAQ for enabling TRACE level logs. -
7. Re: unable to find LoginModule class
thankx 4 reply
first i use JBoss 4.0.5 and im using EJB3 and no security restrictions on any EJB method
lokk this is my code ...
....................
String securityDomain = "JPassivateSecurityDomain";
CallbackHandler callbackHandler =
new JPageraCallbackHandler("name","pass");
try
{
LoginContext lc =
new LoginContext( securityDomain,
callbackHandler );
lc.login();
System.out.println("Subject : "+lc.getSubject());
Set seta_ = lc.getSubject().getPrincipals();
}
catch ( LoginException e )
{
e.printStackTrace();
}
...................................
look this code is working perfect .. but the problem is how can i get
the EJB session??
is there anyway to get The initialContext from logincontext??
cuz when im tryin to lookup in the teaditional way
.....................
Properties pro = new Properties();
pro.put(Context.INITIAL_CONTEXT_FACTORY,"org.jnp.interfaces.NamingContextFactory");
pro.put(Context.URL_PKG_PREFIXES,"org.jboss.naming:org.jnp.interfaces");
pro.put(Context.PROVIDER_URL,"jnp://jpagera:1099");
pro.put(Context.SECURITY_PRINCIPAL,"name");
pro.put(Context.SECURITY_CREDENTIALS,"pass");
pro.put("java.security.auth.login.config","auth.conf");
return new InitialContext(pro);
...............................
it gave Exception
..........
javax.ejb.EJBAccessException: Authentication failure
at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.handleGeneralSe
curityException(Ejb3AuthenticationInterceptor.java:70)
at org.jboss.aspects.security.AuthenticationInterceptor.invoke(Authentic
ationInterceptor.java:70)
at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.invoke(Ejb3Auth
enticationInterceptor.java:102)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.
java:101)
at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterce
ptor.java:47)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.
java:101)
at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(Asynchrono
usInterceptor.java:106)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.
java:101)
at org.jboss.ejb3.stateless.StatelessContainer.dynamicInvoke(StatelessCo
ntainer.java:263)
at org.jboss.ejb3.remoting.IsLocalInterceptor.invoke(IsLocalInterceptor.
java:58)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.
java:101)
at org.jboss.ejb3.stateless.StatelessRemoteProxy.invoke(StatelessRemoteP
roxy.java:102)
at $Proxy100.findAllUserTab(Unknown Source)
......................
thankx 4 u -
8. Re: unable to find LoginModule class
im using EJB3 and no security restrictions on any EJB method
Can you post the EJB3 with annotations? If you dont have any restrictions on the EJB methods, then you should not be seeing the authentication exceptions. -
9. Re: unable to find LoginModule class
hey friend i knew the problem but do u have solution??
when im readin my custom login debug
i found that the name and password in custome login module is null
..............
02:00:14,593 INFO [STDOUT] LOGINNNNNNNNN_USER = null
02:00:14,593 INFO [STDOUT] LOGINNNNNNNNN_PASSWORD = nulll
02:00:14,593 INFO [STDOUT] driverDB : com.mysql.jdbc.Driver
02:00:14,593 INFO [STDOUT] userDB : pagera
02:00:14,593 INFO [STDOUT] passwordDB : pagera
02:00:14,593 INFO [STDOUT] urlDB : jdbc:mysql://localhost:3306/jos_db
.........................................
its from login method in my custom login module
System.out.println("LOGINNNNNNNNNNNNNNN_USER "+ ((NameCallback) callbackx[0]).getName());
System.out.println("LOGINNN_PASSWORD "+ ((PasswordCallback) callbackx[1]).getPassword());
...................
did u got my problem ??
i hope so and thank u vry mch -
10. Re: unable to find LoginModule class
did u got my problem ??
Not really.02:00:14,593 INFO [STDOUT] LOGINNNNNNNNN_USER = null
02:00:14,593 INFO [STDOUT] LOGINNNNNNNNN_PASSWORD = nulll
System.out.println("LOGINNNNNNNNNNNNNNN_USER "+ ((NameCallback) callbackx[0]).getName());
System.out.println("LOGINNN_PASSWORD "+ ((PasswordCallback) callbackx[1]).getPassword());
As far as this output is concerned, it all depends on what you have implemented in the JPageraCallbackHandler class' callback method. -
11. Re: unable to find LoginModule class
this is my LoginModule class
package com.jpagera.login; import java.io.IOException; import java.util.Map; import javax.security.auth.Subject; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.NameCallback; import javax.security.auth.callback.PasswordCallback; import javax.security.auth.callback.UnsupportedCallbackException; import javax.security.auth.login.LoginException; import javax.security.auth.spi.LoginModule; import java.sql.*; import java.util.HashSet; import java.util.List; import java.util.Set; import java.util.Vector; public class JPageraLoginModule implements LoginModule { private Subject subject_; private String userName ; private char[] password; private CallbackHandler _callbackHandler_; private boolean loginResult; private String driverDB_ ; private String userDB_ ; private String passwordDB_ ; private String urlDB_ ; private Map sharedState_; private Map options_; private JPageraPrincipal _jPageraRolePricipl[] ; public JPageraLoginModule() { } public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState, Map<String, ?> options) { this.subject_ = subject; this._callbackHandler_ = callbackHandler; this.sharedState_ = sharedState; this.options_ = options; } public boolean login() throws LoginException { System.out.println("Start LOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOGIN MEHTOD"); if(_callbackHandler_ == null){ throw new LoginException("JPageraLoginModule Exception _callbackHandler_ is null "); } Callback callbackx[] = new Callback[2]; callbackx[0] = new NameCallback("Username"); callbackx[1] = new PasswordCallback("Password:",false); try { _callbackHandler_.handle(callbackx); System.out.println("LOGINNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN_U "+ ((NameCallback) callbackx[0]).getName()); System.out.println("LOGINNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN_P "+ ((PasswordCallback) callbackx[1]).getPassword()); driverDB_ = (String)options_.get("driverDB_"); userDB_ = (String)options_.get("userDB_"); passwordDB_ = (String)options_.get("passwordDB_"); urlDB_ = (String)options_.get("urlDB_"); System.out.println("driverDB : "+driverDB_); System.out.println("userDB : "+userDB_); System.out.println("passwordDB : "+passwordDB_); System.out.println("urlDB : "+urlDB_); userName = ((NameCallback) callbackx[0]).getName(); loginResult = checkUserNameAndPassword(((NameCallback) callbackx[0]).getName(),((PasswordCallback) callbackx[1]).getPassword()); System.out.println("IN LOGIN METHOD FINISH....."+loginResult); return loginResult; } catch (UnsupportedCallbackException e) { // TODO throw new LoginException("JPageraLoginModule Exception UnsupportedCallbackException "); } catch (IOException e) { // TODO throw new LoginException("JPageraLoginModule Exception IOException "); } } public boolean commit() throws LoginException { /*if(!loginResult){ return loginResult; }*/ if (subject_.isReadOnly()) { throw new LoginException("JPageraLoginModule Exception Subject is read only!"); } System.out.println("NAMEEEEEEEEEEEEEEEEEEEEEEEEEEEE "+userName); JPageraPrincipal jpageraPrincipl = new JPageraPrincipal(userName); //JPageraPrincipal jpageraPrinciplAdmin = new JPageraPrincipal("ADMIN"); subject_.getPrincipals().add(jpageraPrincipl); //subject_.getPrincipals().add(jpageraPrinciplAdmin); for (int i = 0; i < _jPageraRolePricipl.length; i++) { subject_.getPrincipals().add(_jPageraRolePricipl); } System.out.println("FINISH COMMITE................."); Object[] ty = subject_.getPrincipals().toArray(); for (int i = 0; i < ty.length; i++) { System.out.println(i+" Prin ........... "+ ( (JPageraPrincipal) ty).getName()); } return true; } public boolean abort() { userName = null; password = null; return true; } public boolean logout() { userName = null; password = null; subject_.getPrincipals().clear(); return true; } private boolean checkUserNameAndPassword(String userName_dB , char[] passowrd_DB){ Statement statem = null; ResultSet result1 = null; long userId = 0; Set<String> roleNames = new HashSet(); Connection conn = null; try { conn = getConnection(); statem = conn.createStatement(); String f = " SELECT USER_ID from USERS WHERE USERS.USER_LOGINNAME LIKE '"+userName_dB+"'" + " AND USERS.USER_PASSWORD LIKE '"+new String(passowrd_DB) +"' " + " AND USERS.USRE_ACTIVE = 0 "; result1 = statem.executeQuery(f); System.out.println("DB_NAME : "+userName_dB); System.out.println("DB_PASSOWRD : "+new String(passowrd_DB)); System.out.println("RESULT_DB : "+result1.getMetaData().getColumnCount()); if(result1.next()){ userId = result1.getLong(1); System.out.println("NEXT : "+userId); }else{ return false; } ResultSet result2 = statem.executeQuery(" SELECT ROLES.ROLE_NAME FROM USERS , ROLES , USER_ROLE " + " WHERE ROLES.ROLE_ID = USER_ROLE.ROLE_ID AND USER_ROLE.USER_ID = "+userId); System.out.println(result2.getMetaData().getColumnCount()); while(result2.next()){ roleNames.add(result2.getString("ROLE_NAME")); } System.out.println("SIZE "+roleNames.size()); String q4 = " SELECT ROLES.ROLE_NAME FROM ROLES , GROUP_ROLES , GROUP_USERS , GROUPS " + " WHERE ROLES.ROLE_ID = GROUP_ROLES.ROLE_ID AND " + " GROUP_ROLES.GROUP_ID = GROUP_USERS.GROUP_ID AND "+ " GROUP_USERS.USER_ID = "+userId+""; ResultSet result3 = statem.executeQuery(q4); while(result3.next()){ roleNames.add( result3.getString("ROLE_NAME")); } Object[] obA = roleNames.toArray(); _jPageraRolePricipl = new JPageraPrincipal[obA.length]; for (int i = 0; i < obA.length; i++) { System.out.println("ROLE_NAME : "+(String)obA); JPageraPrincipal currJPageraPri = new JPageraPrincipal((String)obA); _jPageraRolePricipl = currJPageraPri; } System.out.println("FINISH CHECK_USER_NAME AND PASSOWRD"); } catch (SQLException e) { // TODO System.out.println("JPageraLoginModule Exception SQLException On Connect "); e.printStackTrace(); return false; } catch (ClassNotFoundException e) { // TODO System.out.println("JPageraLoginModule Exception ClassNotFoundException "); e.printStackTrace(); } try { statem.close(); conn.close(); } catch (SQLException e) { // TODO System.out.println("JPageraLoginModule Exception SQLException On Close "); e.printStackTrace(); } return true; } public Connection getConnection() throws SQLException, ClassNotFoundException { Class.forName(driverDB_); Connection conn = DriverManager.getConnection(urlDB_,userDB_,passwordDB_); return conn; } public void setUserName(String userName) { this.userName = userName; } public String getUserName() { return userName; } public void setPassword(char[] password) { this.password = password; } public char[] getPassword() { return password; } public void setLoginResult(boolean loginResult) { this.loginResult = loginResult; } public boolean isLoginResult() { return loginResult; } public void setSubject_(Subject subject_) { this.subject_ = subject_; } public Subject getSubject_() { return subject_; } public void setCallbackHandler_(CallbackHandler callbackHandler_) { this._callbackHandler_ = callbackHandler_; } public CallbackHandler getCallbackHandler_() { return _callbackHandler_; } public void setSharedState_(Map sharedState_) { this.sharedState_ = sharedState_; } public Map getSharedState_() { return sharedState_; } public void setOptions_(Map options_) { this.options_ = options_; } public Map getOptions_() { return options_; } }
...........................