-
1. Re: JAAS Configuration
sfcoy Dec 29, 2011 6:28 PM (in response to dato.java)Have you looked at Security subsystem configuration ?
-
2. Re: JAAS Configuration
dato.java Dec 30, 2011 2:29 AM (in response to sfcoy)I have done following configuration:
in standalone/configuration/standalone.xml file i added following:
<security-domain name="MySecurityDomain">
<authentication>
<login-module code="com.david.MyLoginModule" flag="required"/>
</authentication>
</security-domain>
In jboss-web.xml i configured following:
<jboss-web>
<security-domain>java:/jaas/MySecurityDomain</security-domain>
</jboss-web>
And MyLoginModule is following:
public class MyLoginModule extends org.jboss.security.auth.spi.UsersRolesLoginModule {
private Logger log = Logger.getLogger(getClass());
private Subject subject;
private CallbackHandler callbackHandler;
private Map<String, ?> sharedState;
private Map<String, ?> options;
private boolean loginOk;
private boolean commitOk;
private org.jboss.security.SimplePrincipal principal;
public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState, Map<String, ?> options) {
// TODO Auto-generated method stub
this.subject = subject;
this.callbackHandler = callbackHandler;
this.sharedState = sharedState;
this.options = options;
}
public boolean login() throws LoginException {
try {
log.info("Authenticating...");
NameCallback nameCallback = new NameCallback("username");
PasswordCallback passwordCallback = new PasswordCallback("password", false);
Callback[] callbacks = new Callback[] { nameCallback, passwordCallback };
callbackHandler.handle(callbacks);
String username = nameCallback.getName();
String password = new String(passwordCallback.getPassword());
if (username.equals("admin") && password.equals("admin")) {
loginOk = true;
log.info("Authenticated");
principal = new SimplePrincipal(username);
} else {
log.info("Authentication failure");
loginOk = false;
}
} catch (Exception ex) {
loginOk = false;
log.error(ex.getMessage(), ex);
}
return loginOk;
}
@Override
public boolean commit() throws LoginException {
try {
log.info("Commiting...");
org.jboss.security.SimpleGroup finaGroup=new SimpleGroup("Roles");
finaGroup.addMember(principal);
subject.getPrincipals().add(finaGroup);
commitOk = true;
} catch (Exception ex) {
log.error(ex.getMessage(), ex);
commitOk = false;
}
return commitOk;
}
@Override
public boolean abort() throws LoginException {
log.info("Aborting...");
loginOk = false;
commitOk = false;
return false;
}
@Override
public boolean logout() throws LoginException {
// TODO Auto-generated method stub
return false;
}
}
But when i try to authenticate i get following exception:
{code}
11:20:02,229 INFO [com.david.MyLoginModule] (http--127.0.0.1-8080-1) Authenticating...
11:20:02,232 INFO [com.david.MyLoginModule] (http--127.0.0.1-8080-1) Authenticated
11:20:02,233 INFO [com.david.MyLoginModule] (http--127.0.0.1-8080-1) Commiting...
11:20:02,243 ERROR [org.jboss.as.web.security.JBossWebRealm] (http--127.0.0.1-8080-1) Error during authenticate(String,String): java.lang.NullPointerException
at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:248) [jboss-as-web-7.1.0.CR1.jar:7.1.0.CR1]
at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:280) [jbossweb-7.0.7.Final.jar:]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:381) [jbossweb-7.0.7.Final.jar:]
at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50) [jboss-as-jpa-7.1.0.CR1.jar:7.1.0.CR1]
at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:151) [jboss-as-web-7.1.0.CR1.jar:7.1.0.CR1]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.7.Final.jar:]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.7.Final.jar:]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.7.Final.jar:]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362) [jbossweb-7.0.7.Final.jar:]
at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:897) [jbossweb-7.0.7.Final.jar:]
at org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:626) [jbossweb-7.0.7.Final.jar:]
at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:2033) [jbossweb-7.0.7.Final.jar:]
at java.lang.Thread.run(Thread.java:662) [:1.6.0_27]
{/code}
So what i miss? i tried to implement simple jaas loginmodule but result is same
-
3. Re: JAAS Configuration
nickarls Dec 30, 2011 2:56 AM (in response to dato.java)What line does the NPE come from?
-
4. Re: JAAS Configuration
dato.java Dec 30, 2011 2:57 AM (in response to nickarls)Cant understand your question
-
5. Re: JAAS Configuration
nickarls Dec 30, 2011 3:07 AM (in response to dato.java)Have you debugged into
finaGroup.addMember(principal);
subject.getPrincipals().add(finaGroup);
to see if principal is null at that point or anything in the second line evaluates to null as there appears to be a nullpointerexception
-
6. Re: JAAS Configuration
jaikiran Dec 30, 2011 3:10 AM (in response to dato.java)David Chokhonelidze wrote:
<jboss-web>
<security-domain>java:/jaas/MySecurityDomain</security-domain>
</jboss-web>
This is wrong. You should just be using the security domain name:
<jboss-web>
<security-domain>MySecurityDomain</security-domain>
</jboss-web>
-
7. Re: JAAS Configuration
dato.java Dec 30, 2011 3:26 AM (in response to jaikiran)I tried it but result is same ((
-
8. Re: JAAS Configuration
dato.java Dec 30, 2011 3:46 AM (in response to nickarls)I have added
subject.getPrincipals().add(principal);
in login() and worked fine, thanks