10 Replies Latest reply on Nov 26, 2011 7:48 AM by balderys

blank page on jmx-console

devils_lick Jul 19, 2010 5:07 PM

Hi,

I am a new to jboss so i really dont have anyknowledge on it. well my situation is this: i need to secure jmx-webconsole. I found a couple of good articles on how to do it and performed it step by step but the thing is that i got the login prompt for jmx-console but when i enter the username and password it displays the blank page.

here are the steps that i followed:

1. locate web.xml file

it was under ::

/usr/java/jboss-4.0.1sp1/server/default/deploy/jmx-console.war/WEB-INF/web.xml
/usr/java/jboss-4.0.1sp1/server/all/deploy/jmx-console.war/WEB-INF/web.xml
/usr/java/jboss-4.0.1sp1/server/site-minimal/deploy/jmx-console.war/WEB-INF/web.xml

but since we are using the minimal configuration

#ps -ef | grep jboss showed

jboss     4828     1  0 02:43 ?        00:00:00 /bin/sh /usr/java/jboss/bin/run.sh -c site-minimal
jboss     4834  4828  1 02:43 ?        00:08:03 /usr/java/java_home/bin/java -server -Xms256m -Xmx1024m -Dprogram.name=run.sh -Djava.endorsed.dirs=/usr/java/jboss/lib/endorsed -classpath /usr/java/jboss/bin/run.jar:/usr/java/java_home/lib/tools.jar org.jboss.Main -c site-minimal

2. i uncommented security constraint part

<!-- A security constraint that restricts access to the HTML JMX console
    to users with the role JBossAdmin. Edit the roles to what you want and
    uncomment the WEB-INF/jboss-web.xml/security-domain element to enable
    secured access to the HTML JMX console.-->
   <security-constraint>
      <web-resource-collection>
        <web-resource-name>HtmlAdaptor</web-resource-name>
        <description>An example security config that only allows users with the
          role JBossAdmin to access the HTML JMX console web application
        </description>
        <url-pattern>/*</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
      </web-resource-collection>
      <auth-constraint>
        <role-name>JBossAdmin</role-name>
      </auth-constraint>
    </security-constraint>
  <login-config>
       <auth-method>BASIC</auth-method>
       <realm-name>JBoss JMX Console</realm-name>
    </login-config>
  <security-role>
       <role-name>JBossAdmin</role-name>
    </security-role>
 </web-app>

2. locate jboss-web.xml file and edit it as following:

<jboss-web>
    <!-- Uncomment the security-domain to enable security. You will
       need to edit the htmladaptor login configuration to setup the
       login modules used to authentication users.-->
       <security-domain>java:/jaas/jmx-console</security-domain>
    
 </jboss-web>

3. locate login-config.xml file,the contents of it are as follows:

 <?xml version='1.0'?>
 <!DOCTYPE policy PUBLIC
       "-//JBoss//DTD JBOSS Security Config 3.0//EN"
       "http://www.jboss.org/j2ee/dtd/security_config.dtd">


<!-- The XML based JAAS login configuration read by the
 org.jboss.security.auth.login.XMLLoginConfig mbean. Add
 an application-policy element for each security domain.


The outline of the application-policy is:
 <application-policy>
   <authentication>
     <login-module code="login.module1.class.name" flag="control_flag">
       <module-option name = "option1-name">option1-value</module-option>
       <module-option name = "option2-name">option2-value</module-option>
       ...
     </login-module>


    <login-module code="login.module2.class.name" flag="control_flag">
       ...
     </login-module>
     ...
   </authentication>
 </application-policy>


$Revision: 1.12.2.1 $
 -->


<policy>
     <!-- Used by clients within the application server VM such as
     mbeans and servlets that access EJBs.
     -->
     <application-policy name = "client-login">
        <authentication>
           <login-module code = "org.jboss.security.ClientLoginModule"
              flag = "required">
           </login-module>
        </authentication>
     </application-policy>


    <!-- Security domain for JBossMQ -->
     <application-policy name = "jbossmq">
        <authentication>
           <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
              flag = "required">
<module-option name = "unauthenticatedIdentity">guest</module-option>
              <module-option name = "dsJndiName">java:/DefaultDS</module-option>
              <module-option name = "principalsQuery">SELECT PASSWD FROM JMS_USERS WHERE USERID=?</module-option>
              <module-option name = "rolesQuery">SELECT ROLEID, 'Roles' FROM JMS_ROLES WHERE USERID=?</module-option>
           </login-module>
        </authentication>
     </application-policy>


    <!-- Security domain for JBossMQ when using file-state-service.xml
     <application-policy name = "jbossmq">
        <authentication>
           <login-module code = "org.jboss.mq.sm.file.DynamicLoginModule"
              flag = "required">
              <module-option name = "unauthenticatedIdentity">guest</module-option>
              <module-option name = "sm.objectname">jboss.mq:service=StateManager</module-option>
           </login-module>
        </authentication>
     </application-policy>
     -->


    <!-- Security domains for testing new jca framework -->
     <application-policy name = "HsqlDbRealm">
        <authentication>
           <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
              flag = "required">
              <module-option name = "principal">sa</module-option>
              <module-option name = "userName">sa</module-option>
              <module-option name = "password"></module-option>
              <module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=DefaultDS</module-option>
           </login-module>
        </authentication>
     </application-policy>


    <application-policy name = "FirebirdDBRealm">
        <authentication>
           <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
              flag = "required">
              <module-option name = "principal">sysdba</module-option>
              <module-option name = "userName">sysdba</module-option>
              <module-option name = "password">masterkey</module-option>
              <module-option name = "managedConnectionFactoryName">jboss.jca:service=XaTxCM,name=FirebirdDS</module-option>
           </login-module>
        </authentication>                                                       
</authentication>
     </application-policy>


    <application-policy name = "JmsXARealm">
        <authentication>
           <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
              flag = "required">
              <module-option name = "principal">guest</module-option>
              <module-option name = "userName">guest</module-option>
              <module-option name = "password">guest</module-option>
              <module-option name = "managedConnectionFactoryName">jboss.jca:service=TxCM,name=JmsXA</module-option>
           </login-module>
        </authentication>
     </application-policy>


    <!-- A template configuration for the jmx-console web application. This
       defaults to the UsersRolesLoginModule the same as other and should be
       changed to a stronger authentication mechanism as required.
     -->
     <application-policy name = "jmx-console">
        <authentication>
           <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
              flag = "required">
              <module-option>jmx-console-users.properties</module-option>  
              <module-option>jmx-console-roles.properties</module-option> 
           </login-module>
        </authentication>
     </application-policy>


    <!-- A template configuration for the web-console web application. This
       defaults to the UsersRolesLoginModule the same as other and should be
       changed to a stronger authentication mechanism as required.
     -->
     <application-policy name = "web-console">
        <authentication>
           <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
              flag = "required">
<module-option name="usersProperties">web-console-users.properties</module-option>
              <module-option name="rolesProperties">web-console-roles.properties</module-option>
           </login-module>
        </authentication>
     </application-policy>


    <!-- A template configuration for the JBossWS web application (and transport layer!).
       This defaults to the UsersRolesLoginModule the same as other and should be
       changed to a stronger authentication mechanism as required.
     -->
     <application-policy>
       <authentication>
         <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
           flag="required">
           <module-option name="unauthenticatedIdentity">anonymous</module-option>
         </login-module>
       </authentication>
     </application-policy>


    <!-- The default login configuration used by any security domain that
     does not have a application-policy entry with a matching name
     -->
     <application-policy name = "other">
        <!-- A simple server login module, which can be used when the number
        of users is relatively small. It uses two properties files:
        users.properties, which holds users (key) and their password (value).
        roles.properties, which holds users (key) and a comma-separated list of
        their roles (value).
        The unauthenticatedIdentity property defines the name of the principal
        that will be used when a null username and password are presented as is
        the case for an unuathenticated web client or MDB. If you want to
        allow such users to be authenticated add the property, e.g.,
        unauthenticatedIdentity="nobody"
        -->
        <authentication>
           <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
              flag = "required" />
        </authentication>
     </application-policy>


</policy>

4. edited jmx-console-users.properties for admin=admin

5. a) edited jmx-console-roles.properties for

# A sample roles.properties file for use with the UsersRolesLoginModule
admin=JBossAdmin,HttpInvoker

b) moved jmx-console-users.properties and jmx-console-roles.properties from

/usr/java/jboss-4.0.1sp1/server/site-minimal/deploy/jmx-console.war/WEB-INF/classes/jmx-console-users.properties
/usr/java/jboss-4.0.1sp1/server/site-minimal/deploy/jmx-console.war/WEB-INF/classes/jmx-console-roles.properties

/usr/java/jboss-4.0.1sp1/server/site-minimal/conf/

6. restarted jboss with /etc/init.d/jboss restart.

the problem is that it displays the login window but when you put in the username and password a blank page is displayed, but i still can browse http:\\(ip_add_of_server):8080 and not /jmx-console:

my directory listing are as follows.

/usr/java/jboss-4.0.1sp1/server/site-minimal/deploy/jmx-console.war/WEB-INF/web.xml
/usr/java/jboss-4.0.1sp1/server/site--minimal/conf/login-config.xml
/usr/java/jboss-4.0.1sp1/server/site-minimal/conf/jmx-console-users.properties
/usr/java/jboss-4.0.1sp1/server/site-minimal/conf/classes/jmx-console-roles.properties

6 b.

7.server log shows such error::

tail -f //usr/java/jboss-4.0.1sp1/server/usr/java/jboss/server/site-minimal/log/server.log

2010-07-01 00:31:37,632 ERROR [org.apache.coyote.tomcat5.CoyoteAdapter] An exception or error occurred in the container during the request processing
 java.lang.SecurityException: Unable to locate a login configuration
         at com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:97)
         at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
         at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
         at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
         at java.lang.reflect.Constructor.newInstance(Constructor.java:494)
         at java.lang.Class.newInstance0(Class.java:350)
         at java.lang.Class.newInstance(Class.java:303)
         at javax.security.auth.login.Configuration$3.run(Configuration.java:216)
         at java.security.AccessController.doPrivileged(Native Method)
         at javax.security.auth.login.Configuration.getConfiguration(Configuration.java:210)
         at javax.security.auth.login.LoginContext$1.run(LoginContext.java:237)
         at java.security.AccessController.doPrivileged(Native Method)
         at javax.security.auth.login.LoginContext.init(LoginContext.java:234)
         at javax.security.auth.login.LoginContext.<init>(LoginContext.java:367)
         at javax.security.auth.login.LoginContext.<init>(LoginContext.java:444)
         at org.jboss.security.plugins.SubjectActions$LoginContextAction.run(SubjectActions.java:95)
         at java.security.AccessController.doPrivileged(Native Method)
         at org.jboss.security.plugins.SubjectActions.createLoginContext(SubjectActions.java:152)
         at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:479)
         at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:420)
         at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:237)
         at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:210)
         at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.authenticate(JBossSecurityMgrRealm.java:239)
         at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:129)
         at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504)
         at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
         at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:54)
         at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
         at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
         at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)
         at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
         at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118)
         at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
         at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
         at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
         at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
         at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929)
         at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)
         at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799)
         at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:705)
         at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577)
         at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)
         at java.lang.Thread.run(Thread.java:595)
 Caused by: java.io.IOException: Unable to locate a login configuration
         at com.sun.security.auth.login.ConfigFile.init(ConfigFile.java:206)
         at com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:95)
         ... 43 more

8. tail -f /usr/java/jboss-4.0.1sp1/server/usr/java/jboss/server/site-minimal/log/boot.log

00:31:10,865 INFO  [Server] Starting JBoss (MX MicroKernel)...
 00:31:10,866 INFO  [Server] Release ID: JBoss [Zion] 4.0.1sp1 (build: CVSTag=JBoss_4_0_1_SP1 date=200502160314)

Can, any of u guys help me??

1. Re: blank page on jmx-console

jbossq Jul 1, 2010 7:56 PM (in response to devils_lick)

according your usersProperties and rolesProperties settings in the login-config.xml, the jmx-console-users.properties and jmx-console-roles.properties should be put in the conf directory of your jboss instance.
Actions

2. Re: blank page on jmx-console

devils_lick Jul 19, 2010 5:03 PM (in response to jbossq)

i have treid with two different login-config.xml one with everything commented out(red one) except for  line and the other one with the copied version from default login-config.xml (i guess you are talking about the second one).

1.
<?xml version='1.0'?>
<!DOCTYPE policy PUBLIC
      "-//JBoss//DTD JBOSS Security Config 3.0//EN"
      "http://www.jboss.org/j2ee/dtd/security_config.dtd">




<!-- The XML based JAAS login configuration read by the
org.jboss.security.auth.login.XMLLoginConfig mbean. Add
an application-policy element for each security domain.



The outline of the application-policy is:
<application-policy name="security-domain-name">
  <authentication>
    <login-module code="login.module1.class.name" flag="control_flag">
      <module-option name = "option1-name">option1-value</module-option>
      <module-option name = "option2-name">option2-value</module-option>
      ...
    </login-module>



    <login-module code="login.module2.class.name" flag="control_flag">
      ...
    </login-module>
    ...
  </authentication>
</application-policy>



$Revision: 1.12.2.1 $
-->



<policy>
</policy>
2.
<?xml version='1.0'?>
<!DOCTYPE policy PUBLIC
      "-//JBoss//DTD JBOSS Security Config 3.0//EN"
      "http://www.jboss.org/j2ee/dtd/security_config.dtd">




<!-- The XML based JAAS login configuration read by the
org.jboss.security.auth.login.XMLLoginConfig mbean. Add
an application-policy element for each security domain.



The outline of the application-policy is:
<application-policy name="security-domain-name">
  <authentication>
    <login-module code="login.module1.class.name" flag="control_flag">
      <module-option name = "option1-name">option1-value</module-option>
      <module-option name = "option2-name">option2-value</module-option>
      ...
    </login-module>



    <login-module code="login.module2.class.name" flag="control_flag">
      ...
    </login-module>
    ...
  </authentication>
</application-policy>



$Revision: 1.12.2.1 $
-->



<policy>
    <!-- Used by clients within the application server VM such as
    mbeans and servlets that access EJBs.
    -->
    <application-policy name = "client-login">
       <authentication>
          <login-module code = "org.jboss.security.ClientLoginModule"
             flag = "required">
          </login-module>
       </authentication>
    </application-policy>



    <!-- Security domain for JBossMQ -->
    <application-policy name = "jbossmq">
       <authentication>
          <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
             flag = "required">


<module-option name = "unauthenticatedIdentity">guest</module-option>
             <module-option name = "dsJndiName">java:/DefaultDS</module-option>
             <module-option name = "principalsQuery">SELECT PASSWD FROM JMS_USERS WHERE USERID=?</module-option>
             <module-option name = "rolesQuery">SELECT ROLEID, 'Roles' FROM JMS_ROLES WHERE USERID=?</module-option>
          </login-module>
       </authentication>
    </application-policy>



    <!-- Security domain for JBossMQ when using file-state-service.xml
    <application-policy name = "jbossmq">
       <authentication>
          <login-module code = "org.jboss.mq.sm.file.DynamicLoginModule"
             flag = "required">
             <module-option name = "unauthenticatedIdentity">guest</module-option>
             <module-option name = "sm.objectname">jboss.mq:service=StateManager</module-option>
          </login-module>
       </authentication>
    </application-policy>
    -->



    <!-- Security domains for testing new jca framework -->
    <application-policy name = "HsqlDbRealm">
       <authentication>
          <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
             flag = "required">
             <module-option name = "principal">sa</module-option>
             <module-option name = "userName">sa</module-option>
             <module-option name = "password"></module-option>
             <module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=DefaultDS</module-option>
          </login-module>
       </authentication>
    </application-policy>



    <application-policy name = "FirebirdDBRealm">
       <authentication>
          <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
             flag = "required">
             <module-option name = "principal">sysdba</module-option>
             <module-option name = "userName">sysdba</module-option>
             <module-option name = "password">masterkey</module-option>
             <module-option name = "managedConnectionFactoryName">jboss.jca:service=XaTxCM,name=FirebirdDS</module-option>
          </login-module>
       </authentication>                                                       


</authentication>
    </application-policy>



    <application-policy name = "JmsXARealm">
       <authentication>
          <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
             flag = "required">
             <module-option name = "principal">guest</module-option>
             <module-option name = "userName">guest</module-option>
             <module-option name = "password">guest</module-option>
             <module-option name = "managedConnectionFactoryName">jboss.jca:service=TxCM,name=JmsXA</module-option>
          </login-module>
       </authentication>
    </application-policy>



    <!-- A template configuration for the jmx-console web application. This
      defaults to the UsersRolesLoginModule the same as other and should be
      changed to a stronger authentication mechanism as required.
    -->
    <application-policy name = "jmx-console">
       <authentication>
          <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
             flag = "required">
             <module-option name="usersProperties">jmx-console-users.properties</module-option> <!--should i put in classes/jxm-console-user.properties here??-->
             <module-option name="rolesProperties">jmx-console-roles.properties</module-option> <!-- classes/jmx-console-roles.properties ??-->
          </login-module>
       </authentication>
    </application-policy>



    <!-- A template configuration for the web-console web application. This
      defaults to the UsersRolesLoginModule the same as other and should be
      changed to a stronger authentication mechanism as required.
    -->
    <application-policy name = "web-console">
       <authentication>
          <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
             flag = "required">


<module-option name="usersProperties">web-console-users.properties</module-option>
             <module-option name="rolesProperties">web-console-roles.properties</module-option>
          </login-module>
       </authentication>
    </application-policy>



    <!-- A template configuration for the JBossWS web application (and transport layer!).
      This defaults to the UsersRolesLoginModule the same as other and should be
      changed to a stronger authentication mechanism as required.
    -->
    <application-policy name="JBossWS">
      <authentication>
        <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
          flag="required">
          <module-option name="unauthenticatedIdentity">anonymous</module-option>
        </login-module>
      </authentication>
    </application-policy>



    <!-- The default login configuration used by any security domain that
    does not have a application-policy entry with a matching name
    -->
    <application-policy name = "other">
       <!-- A simple server login module, which can be used when the number
       of users is relatively small. It uses two properties files:
       users.properties, which holds users (key) and their password (value).
       roles.properties, which holds users (key) and a comma-separated list of
       their roles (value).
       The unauthenticatedIdentity property defines the name of the principal
       that will be used when a null username and password are presented as is
       the case for an unuathenticated web client or MDB. If you want to
       allow such users to be authenticated add the property, e.g.,
       unauthenticatedIdentity="nobody"
       -->
       <authentication>
          <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
             flag = "required" />
       </authentication>
    </application-policy>



</policy>

my directory structure is like this ::

/usr/java/jboss-4.0.1sp1/server/site-minimal/conf/login-config.xml
/usr/java/jboss-4.0.1sp1/server/site-minimal/deploy/jmx-console.war/WEB-INF/classes/jmx-console-users.properties

/usr/java/jboss-4.0.1sp1/server/site-minimal/deploy/jmx-console.war/WEB-INF/classes/jmx-console-roles.properties

so, can i do this::

<module-option name="usersProperties">jmx-console-users.properties</module-option> <!--should i replace it with

deploy/jmx-console.war/WEB-INF/classes/jmx-console-users.properties here??-->
<module-option name="rolesProperties">jmx-console-roles.properties</module-option> <!-- should i replace it with

deploy/jmx-console.war/WEB-INF/classes/jmx-console-roles.properties ??-->

3. Re: blank page on jmx-console

devils_lick Jul 2, 2010 9:57 PM (in response to devils_lick)

i copied the properties file into con directory but it is still not working?? any help would be greatly appreciated...
Actions
4. Re: blank page on jmx-console

jaikiran Jul 17, 2010 10:23 AM (in response to devils_lick)

Suraj Joshi wrote:

i copied the properties file into con directory but it is still not working?? any help would be greatly appreciated...
I gave up reading the post, half way through. With all those colours used and no formatting, it was really difficult to understand what's going on. Maybe you could add a reply, without using any colours and instead using the Syntax Highlighting options (notice the >> symbol in the forum editor, click it to see the options) in the forum editor, telling us what exactly is the problem you are running into.
Actions
5. Re: blank page on jmx-console

devils_lick Jul 19, 2010 5:04 PM (in response to jaikiran)

just updated the original post hope you can go through asap,
Actions

6. Re: blank page on jmx-console

jaikiran Jul 21, 2010 5:13 AM (in response to devils_lick)

2010-07-01 00:31:37,632 ERROR [org.apache.coyote.tomcat5.CoyoteAdapter] An exception or error occurred in the container during the request processing
 java.lang.SecurityException: Unable to locate a login configuration
         at com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:97)
         at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
         at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
         at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
         at java.lang.reflect.Constructor.newInstance(Constructor.java:494)
         at java.lang.Class.newInstance0(Class.java:350)
         at java.lang.Class.newInstance(Class.java:303)
         at javax.security.auth.login.Configuration$3.run(Configuration.java:216)
         at java.security.AccessController.doPrivileged(Native Method)
         at javax.security.auth.login.Configuration.getConfiguration(Configuration.java:210)
         at javax.security.auth.login.LoginContext$1.run(LoginContext.java:237)
         at java.security.AccessController.doPrivileged(Native Method)
         at javax.security.auth.login.LoginContext.init(LoginContext.java:234)
         at javax.security.auth.login.LoginContext.<init>(LoginContext.java:367)
         at javax.security.auth.login.LoginContext.<init>(LoginContext.java:444)
         at org.jboss.security.plugins.SubjectActions$LoginContextAction.run(SubjectActions.java:95)
         at java.security.AccessController.doPrivileged(Native Method)
         at org.jboss.security.plugins.SubjectActions.createLoginContext(SubjectActions.java:152)

That exception is strange. Looks like it's not able to locate login-config.xml. How exactly do you start the server? What command do you use? Do you pass any params to the start command? And what JVM options have been set in the run.conf?

7. Re: blank page on jmx-console

jaikiran Jul 21, 2010 5:15 AM (in response to devils_lick)

By the way, any reason why you are using such an old version of JBoss AS?
Actions

8. Re: blank page on jmx-console

devils_lick Jul 21, 2010 10:54 AM (in response to jaikiran)

I use the initd to start stop my jboss server. Here is the content of that file

#!/bin/sh
#
# JBoss Control Script
#
# chkconfig: 3 80 20
# description: JBoss EJB Container
#
# To use this script
# run it as root - it will switch to the specified user
# It loses all console output - use the log.
#
# Here is a little (and extremely primitive)
# startup/shutdown script for RedHat systems. It assumes
# that JBoss lives in /usr/local/jboss, it's run by user
# 'jboss' and JDK binaries are in /usr/local/jdk/bin. All
# this can be changed in the script itself.
# Bojan
#
# Either amend this script for your requirements
# or just ensure that the following variables are set correctly
# before calling the script

# [ #420297 ] JBoss startup/shutdown for RedHat

#define where jboss is - this is the directory containing directories log, bin, conf etc
JBOSS_HOME=${JBOSS_HOME:-"/usr/java/jboss"}

#make java is on your path
JAVAPTH=${JAVAPTH:-"/usr/java/j2sdk1.4.2_07/bin"}

#define the classpath for the shutdown class
JBOSSCP=${JBOSSCP:-"$JBOSS_HOME/bin/shutdown.jar:$JBOSS_HOME/client/jnet.jar"}

#define the script to use to start jboss
JBOSSSH=${JBOSSSH:-"$JBOSS_HOME/bin/run.sh -c site-minimal"}

if [ -n "$JBOSS_CONSOLE" -a ! -d "$JBOSS_CONSOLE" ]; then
  # ensure the file exists
  touch $JBOSS_CONSOLE
fi

if [ -n "$JBOSS_CONSOLE" -a ! -f "$JBOSS_CONSOLE" ]; then
  echo "WARNING: location for saving console log invalid: $JBOSS_CONSOLE"
  echo "WARNING: ignoring it and using /dev/null"
  JBOSS_CONSOLE="/dev/null"
fi

#define what will be done with the console log
JBOSS_CONSOLE=${JBOSS_CONSOLE:-"/dev/null"}

#define the user under which jboss will run, or use RUNASIS to run as the current user
JBOSSUS=${JBOSSUS:-"jboss"}

CMD_START="$JBOSSSH"
CMD_STOP="java -classpath $JBOSSCP org.jboss.Shutdown --shutdown"

if [ "$JBOSSUS" = "RUNASIS" ]; then
  SUBIT=""
else
  SUBIT="su - $JBOSSUS -c "
fi

if [ -z "`echo $PATH | grep $JAVAPTH`" ]; then
  export PATH=$PATH:$JAVAPTH
fi

if [ ! -d "$JBOSS_HOME" ]; then
  echo JBOSS_HOME does not exist as a valid directory : $JBOSS_HOME
  exit 1
fi

case "$1" in
start)
    cd $JBOSS_HOME/bin
    if [ -z "$SUBIT" ]; then
        $CMD_START >${JBOSS_CONSOLE} 2>&1 &
    else
        $SUBIT "$CMD_START >${JBOSS_CONSOLE} 2>&1 &"
    fi
    ;;
stop)
    if [ -z "$SUBIT" ]; then
        $CMD_STOP
    else
        $SUBIT "$CMD_STOP"
    fi
    ;;
restart)
    $0 stop
    $0 start
    ;;
*)
    echo "usage: $0 (start|stop|restart|help)"
esac

and the run.conf file looks like this

## -*- shell-script -*- ######################################################
##                                                                          ##
##  JBoss Bootstrap Script Configuration                                    ##
##                                                                          ##
##############################################################################

### $Id: run.conf,v 1.6.4.3 2004/11/20 03:38:02 starksm Exp $

#
# This file is optional; it may be removed if not needed.
#

#
# Specify the maximum file descriptor limit, use "max" or "maximum" to use
# the default, as queried by the system.
#
# Defaults to "maximum"
#
#MAX_FD="maximum"

#
# Specify the profiler configuration file to load.
#
# Default is to not load profiler configuration file.
#
#PROFILER=""

#
# Specify the location of the Java home directory.  If set then $JAVA will
# be defined to $JAVA_HOME/bin/java, else $JAVA will be "java".
#
#JAVA_HOME="/opt/java/jdk"

#
# Specify the exact Java VM executable to use.
#
#JAVA=""

#
# Specify options to pass to the Java VM.
#
if [ "x$JAVA_OPTS" = "x" ]; then
   JAVA_OPTS="-server -Xms256m -Xmx1024m"
fi
# Sample JPDA settings for remote socket debuging
#JAVA_OPTS="$JAVA_OPTS -Xdebug -Xrunjdwp:transport=dt_socket,address=8787,server=y,suspend=y"

# Sample JPDA settings for shared memory debugging
#JAVA_OPTS="$JAVA_OPTS -Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_shmem,server=y,suspend=n,address=jboss"

As far as the version that we are using is concerned, it was installed before i jonied the company. they had a plan to upgrade but it never got materialized.

Thanks for taking out your time to look at it.

9. Re: blank page on jmx-console

devils_lick Jul 28, 2010 7:47 PM (in response to devils_lick)

any solution to it guys...or you can give me a hint on how jboss and where jboss looks for its login-config.xml files.
Actions

10. Re: blank page on jmx-console

balderys Nov 26, 2011 7:48 AM (in response to devils_lick)

I had the same problem. It was caused by commented "SecurityConfig" and XMLLoginConfig" mbeans in /conf/jboss-service.xml

   <mbean code="org.jboss.security.plugins.SecurityConfig"
      name="jboss.security:service=SecurityConfig">
      <attribute name="LoginConfig">jboss.security:service=XMLLoginConfig</attribute>
   </mbean>
   <mbean code="org.jboss.security.auth.login.XMLLoginConfig"
      name="jboss.security:service=XMLLoginConfig">
      <attribute name="ConfigResource">login-config.xml</attribute>
   </mbean>

It leads to exception in comment 6

Go to original post