-
1. Re: Authentication Problem with axis 1.4 on Jboss 5.1
real_thuri Jul 8, 2010 11:38 AM (in response to real_thuri)So I got it working.
Problem were method-permission expressions within the EJB Deployment descriptor. Seems Configuration needs to change because we're using a custom login provider which is called programmatically. Default configuration seems to add the EJB to the "other" security domain for which is configured to use UsersRolesLoginModule.
The method-permission expression included a role element which seems isn't needed. But i need to verify this.
sorry for the inconvenience.
-
2. Re: Authentication Problem with axis 1.4 on Jboss 5.1
amathewjboss1 Jul 8, 2010 9:17 PM (in response to real_thuri)I saw your posting saying it is fixed and i think we are having the same issue (except that i am not using AXIS). Below is the details of my issue. Can you help me on this please?
I am trying to migrate our application from Jboss 4.0.3 to JBoss_5_1_0_GA. I am getting the below error while invoking a EJB method:
12:31:03,246 ERROR [SecurityInterceptor] Error in Security Interceptor java.lang.SecurityException: Authentication exception, principal=null
at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityContext(SecurityInterceptor.java:321)
at org.jboss.ejb.plugins.SecurityInterceptor.process(SecurityInterceptor.java:243)
at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:205)
at org.jboss.ejb.plugins.security.PreSecurityInterceptor.process(PreSecurityInterceptor.java:136)
at org.jboss.ejb.plugins.security.PreSecurityInterceptor.invokeHome(PreSecurityInterceptor.java:88)
at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:132)
at org.jboss.ejb.plugins.CleanShutdownInterceptor.invokeHome(CleanShutdownInterceptor.java:216)
at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyFactoryFinderInterceptor.java:107)
at org.jboss.ejb.SessionContainer.internalInvokeHome(SessionContainer.java:639)
at org.jboss.ejb.Container.invoke(Container.java:1046)
at sun.reflect.GeneratedMethodAccessor349.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
Below is from ejb-jar.xml file:
-------------------------------------------
<assembly-descriptor>
<security-role>principal_for_system</security-role>
---
</assembly-descriptor>
Below is from my all.pvo/conf/login-config.xml file
---------------------------------------------------------------------
<application-policy name="jwdomain">
<authentication>
<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
<module-option name="principal">PVOADMINP</module-option>
<module-option name="userName">pvoadmin</module-option>
<module-option name="password">pvoadmin</module-option>
<module-option name="usersProperties">props/jbosspvo-users.properties</module-option>
<module-option name="rolesProperties">props/jbosspvo-roles.properties</module-option>
</login-module>
<authentication>
<application-policy>
Below is my jboss.xml
--------------------------------
<jboss>
<security-domain>java:/jaas/jwdomain</security-domain>
<enterprise-beans>
---
</jboss>
I enabled the Jboss TRACE and i am getting the below info:
-------------------------------------------------------------------------------------
2010-07-08 12:31:03,241 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.jwdomain] (main) defaultLogin, principal=null 2010-07-08 12:31:03,241 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] (main) Begin getAppConfigurationEntry(jwdomain), size=12 2010-07-08 12:31:03,241 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] (main) End getAppConfigurationEntry(jwdomain), authInfo=AppConfigurationEntry[]: [0]
LoginModule Class: org.jboss.security.auth.spi.UsersRolesLoginModule
ControlFlag: LoginModuleControlFlag: required
Options:
name=usersProperties, value=props/jbosspvo-users.properties
name=principal, value=PVOADMINP
name=userName, value=pvoadmin
name=rolesProperties, value=props/jbosspvo-roles.properties
name=password, value=****
2010-07-08 12:31:03,242 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] (main) initialize
2010-07-08 12:31:03,242 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] (main) Security domain: jwdomain
2010-07-08 12:31:03,242 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] (main) findResource: null
2010-07-08 12:31:03,242 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] (main) Properties file=vfsfile:/opt/pvo/cots/jboss-5.1.0.GA/server/all.pvo/conf/props/jbosspvo-users.properties, defaults=null
2010-07-08 12:31:03,242 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] (main) Loaded properties, users=[pvoadmin]
2010-07-08 12:31:03,242 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] (main) findResource: null
2010-07-08 12:31:03,243 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] (main) Properties file=vfsfile:/opt/pvo/cots/jboss-5.1.0.GA/server/all.pvo/conf/props/jbosspvo-roles.properties, defaults=null
2010-07-08 12:31:03,243 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] (main) Loaded properties, users=[pvoadmin]
2010-07-08 12:31:03,243 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] (main) login
2010-07-08 12:31:03,243 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] (main) Authenticating as unauthenticatedIdentity=null
2010-07-08 12:31:03,243 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] (main) Bad password for username=null
2010-07-08 12:31:03,244 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] (main) abort
2010-07-08 12:31:03,244 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.jwdomain] (main) Login failure
javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:252)
at org.jboss.security.auth.spi.UsersRolesLoginModule.login(UsersRolesLoginModule.java:152)
---
at java.lang.Thread.run(Thread.java:619)
2010-07-08 12:31:03,237 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.jwdomain] (main) End isValid, false
2010-07-08 12:31:03,237 TRACE [org.jboss.security.audit.providers.LogAuditProvider] (main) [Error]Source=org.jboss.security.javaee.EJBAuthenticationHelper;principal=null;method=create;
javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:252)
at org.jboss.security.auth.spi.UsersRolesLoginModule.login(UsersRolesLoginModule.java:152)
at sun.reflect.GeneratedMethodAccessor351.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
----------
2010-07-08 12:31:03,237 ERROR [org.jboss.ejb.plugins.SecurityInterceptor] (main) Error in Security Interceptor
java.lang.SecurityException: Authentication exception, principal=null
at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityContext(SecurityInterceptor.java:321)
at org.jboss.ejb.plugins.SecurityInterceptor.process(SecurityInterceptor.java:243)
at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:205)
at org.jboss.ejb.plugins.security.PreSecurityInterceptor.process(PreSecurityInterceptor.java:136)
-
3. Re: Authentication Problem with axis 1.4 on Jboss 5.1
real_thuri Jul 9, 2010 8:37 AM (in response to amathewjboss1)Hi,
I know the question seems a bit dumb but did you add the role and username to the property files?
I haven't seen an application-policy that already defines username and password. Are that the default-values?
Sorry but I really don't have any more ideas what the cause of the error could be beside missing configuration or a wrong password.