-
1. Re: Absolute simplest JMX/JMS authentication
peterj Apr 8, 2009 4:58 PM (in response to javadba)What version of JBoss AS? Also the Messaging version if you installed one.
Post the changes that you made to the configuration files. Don't forget to use the 'code' tag! And preview the message to make sure the formatting is correct. -
2. Re: Absolute simplest JMX/JMS authentication
javadba Apr 8, 2009 5:19 PM (in response to javadba)Note here I am using guest, although had previously used myUser. Same results. Also there are three different cases, shown by the parts commented out (or not). All fail the same way: "User guest is NOT authenticated."
<application-policy name="messaging"> <authentication> <!-- <login-module code="org.jboss.security.auth.spi.IdentityLoginModule" flag="required"> <module-option name="principal">myuser</module-option> <module-option name="roles">j2ee</module-option> --> <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag = "required"> <module-option name = "unauthenticatedIdentity">guest</module-option> <module-option name = "usersProperties">props/jmx-console-users.properties</module-option> <module-option name = "rolesProperties">props/jmx-console-roles.properties</module-option> <!-- <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required"> <module-option name = "dsJndiName">java:/DefaultDS</module-option> <module-option name = "principalsQuery">SELECT PASSWD FROM JBM_USER WHERE USER_ID=?</module-option> <module-option name = "rolesQuery">SELECT ROLE_ID, 'Roles' FROM JBM_ROLE WHERE USER_ID=?</module-option> --> </login-module> </authentication> </application-policy>
The files props/* are here:# A sample roles.properties file for use with the UsersRolesLoginModule myuser=JBossAdmin,HttpInvoker,manager,host-manager,guest,j2ee,durpublisher,publisher,subscriber
# A sample users.properties file for use with the UsersRolesLoginModule MCN-INC=mypassword
When the database provider was used, we added the rows in the jbm_user and jbm_roles tables. -
3. Re: Absolute simplest JMX/JMS authentication
peterj Apr 8, 2009 8:58 PM (in response to javadba)What you have defined is a user account named MCN-INC, but that user is not a member of any groups.
Your first post indicates that you are attempting to log in with an account name of myuser, but you have not declared any such user in the user.properties file.
I think you want to change the jmx-console-users.properties file to:myuser=password
-
4. Re: Absolute simplest JMX/JMS authentication
javadba Apr 8, 2009 9:04 PM (in response to javadba)yes, yes, i had intended to obfuscate the username to myuser from the other one when posting here. I did a partial obfuscation here. However, my real system has the proper matching: so the concern raised does not apply on the real environment.
-
5. Re: Absolute simplest JMX/JMS authentication
peterj Apr 9, 2009 11:54 AM (in response to javadba)You still have not said which version of JBoss AS. Also, if AS 4.2.x, which version of Messaging did you install?