-
1. Re: JBossAS 5 and @WebService with BASIC authentication
jaikiran May 5, 2009 5:08 AM (in response to fheldt)Can you please post the logs, including the TRACE level logs for the security package in AS? See Q4 here http://www.jboss.org/community/wiki/SecurityFAQ on how to enable TRACE level logging of security package.
-
2. Re: JBossAS 5 and @WebService with BASIC authentication
jaikiran May 5, 2009 5:08 AM (in response to fheldt)I only had to change the package name for the SecurityDomain Annotation
Which package do you use now? -
3. Re: JBossAS 5 and @WebService with BASIC authentication
fheldt May 6, 2009 8:07 AM (in response to fheldt)Here is the log (it's from 5.0.1.GA), same problem here...
2009-05-06 11:39:16,746 TRACE [org.jboss.security.SecurityRolesAssociation] Setting threadlocal:{} 2009-05-06 11:39:16,747 TRACE [org.jboss.web.tomcat.security.JaccContextValve] MetaData:org.jboss.metadata.web.jboss.JBossWebMetaData@1f:principalToRoleSetMap{} 2009-05-06 11:39:16,751 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Security checking request POST /HCUCService/WebServiceEJB 2009-05-06 11:39:16,753 DEBUG [org.apache.catalina.realm.RealmBase] Checking constraint 'SecurityConstraint[WebServiceEJB]' against POST /WebServiceEJB --> true 2009-05-06 11:39:16,754 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Calling hasUserDataPermission() 2009-05-06 11:39:16,755 DEBUG [org.apache.catalina.realm.RealmBase] User data constraint has no restrictions 2009-05-06 11:39:16,769 DEBUG [org.jboss.security.integration.JNDIBasedSecurityManagement] Creating SDC for domain=jboss-web-policy 2009-05-06 11:39:16,786 TRACE [org.jboss.security.plugins.JaasSecurityManager] Constructing 2009-05-06 11:39:16,802 DEBUG [org.jboss.security.plugins.auth.JaasSecurityManagerBase.jboss-web-policy] CallbackHandler: org.jboss.security.auth.callback.JBossCallbackHandler@5b1f02 2009-05-06 11:39:16,802 DEBUG [org.jboss.security.plugins.auth.JaasSecurityManagerBase.jboss-web-policy] CachePolicy set to: org.jboss.util.TimedCachePolicy@50c5b8 2009-05-06 11:39:16,802 DEBUG [org.jboss.security.integration.JNDIBasedSecurityManagement] setCachePolicy, c=org.jboss.util.TimedCachePolicy@50c5b8 2009-05-06 11:39:16,802 TRACE [org.jboss.security.plugins.authorization.JBossAuthorizationContext] Control flag for entry:org.jboss.security.authorization.config.AuthorizationModuleEntry{org.jboss.security.authorization.modules.DelegatingAuthorizationModule:{}REQUIRED}is:[REQUIRED] 2009-05-06 11:39:16,817 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Calling authenticate() 2009-05-06 11:39:16,817 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Failed authenticate() test 2009-05-06 11:39:16,817 TRACE [org.jboss.security.SecurityRolesAssociation] Setting threadlocal:null 2009-05-06 11:39:16,817 TRACE [org.jboss.security.SecurityRolesAssociation] Setting threadlocal:null 2009-05-06 11:39:16,833 TRACE [org.jboss.security.SecurityRolesAssociation] Setting threadlocal:{} 2009-05-06 11:39:16,833 TRACE [org.jboss.web.tomcat.security.JaccContextValve] MetaData:org.jboss.metadata.web.jboss.JBossWebMetaData@1f:principalToRoleSetMap{} 2009-05-06 11:39:16,848 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Security checking request POST /HCUCService/WebServiceEJB 2009-05-06 11:39:16,848 DEBUG [org.apache.catalina.realm.RealmBase] Checking constraint 'SecurityConstraint[WebServiceEJB]' against POST /WebServiceEJB --> true 2009-05-06 11:39:16,848 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Calling hasUserDataPermission() 2009-05-06 11:39:16,848 DEBUG [org.apache.catalina.realm.RealmBase] User data constraint has no restrictions 2009-05-06 11:39:16,848 TRACE [org.jboss.security.plugins.authorization.JBossAuthorizationContext] Control flag for entry:org.jboss.security.authorization.config.AuthorizationModuleEntry{org.jboss.security.authorization.modules.DelegatingAuthorizationModule:{}REQUIRED}is:[REQUIRED] 2009-05-06 11:39:16,848 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Calling authenticate() 2009-05-06 11:39:16,848 TRACE [org.jboss.web.tomcat.security.JBossWebRealm] Begin authenticate, username=DHC.Heldt 2009-05-06 11:39:16,848 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.jboss-web-policy] Begin isValid, principal:DHC.Heldt, cache info: null 2009-05-06 11:39:16,848 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.jboss-web-policy] defaultLogin, principal=DHC.Heldt 2009-05-06 11:39:16,848 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin getAppConfigurationEntry(jboss-web-policy), size=11 2009-05-06 11:39:16,848 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End getAppConfigurationEntry(jboss-web-policy), authInfo=AppConfigurationEntry[]: [0] LoginModule Class: org.jboss.security.auth.spi.UsersRolesLoginModule ControlFlag: Anmeldemodul-Steuerflag: required Options: 2009-05-06 11:39:16,864 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] initialize 2009-05-06 11:39:16,864 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Security domain: other 2009-05-06 11:39:16,864 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] findResource: null 2009-05-06 11:39:16,880 ERROR [org.jboss.security.auth.spi.UsersRolesLoginModule] Failed to load users/passwords/role files java.io.IOException: No properties file: users.properties or defaults: defaultUsers.properties found at org.jboss.security.auth.spi.Util.loadProperties(Util.java:198) at org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:186) at org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:200) at org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:127) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) at javax.security.auth.login.LoginContext.login(LoginContext.java:579) at org.jboss.security.plugins.auth.JaasSecurityManagerBase.defaultLogin(JaasSecurityManagerBase.java:552) at org.jboss.security.plugins.auth.JaasSecurityManagerBase.authenticate(JaasSecurityManagerBase.java:486) at org.jboss.security.plugins.auth.JaasSecurityManagerBase.isValid(JaasSecurityManagerBase.java:365) at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:160) at org.jboss.web.tomcat.security.JBossWebRealm.authenticate(JBossWebRealm.java:384) at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:181) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:491) at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92) at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126) at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:601) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) at java.lang.Thread.run(Thread.java:619) 2009-05-06 11:39:16,911 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] abort 2009-05-06 11:39:16,911 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.jboss-web-policy] Login failure javax.security.auth.login.LoginException: Missing users.properties file. at org.jboss.security.auth.spi.UsersRolesLoginModule.login(UsersRolesLoginModule.java:148) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) at javax.security.auth.login.LoginContext.login(LoginContext.java:579) at org.jboss.security.plugins.auth.JaasSecurityManagerBase.defaultLogin(JaasSecurityManagerBase.java:552) at org.jboss.security.plugins.auth.JaasSecurityManagerBase.authenticate(JaasSecurityManagerBase.java:486) at org.jboss.security.plugins.auth.JaasSecurityManagerBase.isValid(JaasSecurityManagerBase.java:365) at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:160) at org.jboss.web.tomcat.security.JBossWebRealm.authenticate(JBossWebRealm.java:384) at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:181) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:491) at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92) at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126) at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:601) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) at java.lang.Thread.run(Thread.java:619) 2009-05-06 11:39:16,942 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.jboss-web-policy] End isValid, false 2009-05-06 11:39:16,942 TRACE [org.jboss.web.tomcat.security.JBossWebRealm] User: DHC.Heldt is NOT authenticated 2009-05-06 11:39:16,942 TRACE [org.jboss.web.tomcat.security.JBossWebRealm] End authenticate, principal=null 2009-05-06 11:39:16,942 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Failed authenticate() test 2009-05-06 11:39:16,942 TRACE [org.jboss.security.SecurityRolesAssociation] Setting threadlocal:null 2009-05-06 11:39:16,942 TRACE [org.jboss.security.SecurityRolesAssociation] Setting threadlocal:null 2009-05-06 11:39:24,632 TRACE [org.jboss.security.SecurityRolesAssociation] Setting threadlocal:{} 2009-05-06 11:39:24,632 TRACE [org.jboss.web.tomcat.security.JaccContextValve] MetaData:org.jboss.metadata.web.jboss.JBossWebMetaData@1f:principalToRoleSetMap{} 2009-05-06 11:39:24,648 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Security checking request POST /HCUCService/WebServiceEJB 2009-05-06 11:39:24,648 DEBUG [org.apache.catalina.realm.RealmBase] Checking constraint 'SecurityConstraint[WebServiceEJB]' against POST /WebServiceEJB --> true 2009-05-06 11:39:24,648 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Calling hasUserDataPermission() 2009-05-06 11:39:24,648 DEBUG [org.apache.catalina.realm.RealmBase] User data constraint has no restrictions 2009-05-06 11:39:24,648 TRACE [org.jboss.security.plugins.authorization.JBossAuthorizationContext] Control flag for entry:org.jboss.security.authorization.config.AuthorizationModuleEntry{org.jboss.security.authorization.modules.DelegatingAuthorizationModule:{}REQUIRED}is:[REQUIRED] 2009-05-06 11:39:24,648 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Calling authenticate() 2009-05-06 11:39:24,648 TRACE [org.jboss.web.tomcat.security.JBossWebRealm] Begin authenticate, username=DHC.Heldt 2009-05-06 11:39:24,648 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.jboss-web-policy] Begin isValid, principal:DHC.Heldt, cache info: null 2009-05-06 11:39:24,648 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.jboss-web-policy] defaultLogin, principal=DHC.Heldt 2009-05-06 11:39:24,648 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin getAppConfigurationEntry(jboss-web-policy), size=11 2009-05-06 11:39:24,648 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End getAppConfigurationEntry(jboss-web-policy), authInfo=AppConfigurationEntry[]: [0] LoginModule Class: org.jboss.security.auth.spi.UsersRolesLoginModule ControlFlag: Anmeldemodul-Steuerflag: required Options: 2009-05-06 11:39:24,663 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] initialize 2009-05-06 11:39:24,663 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Security domain: other 2009-05-06 11:39:24,663 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] findResource: null 2009-05-06 11:39:24,663 ERROR [org.jboss.security.auth.spi.UsersRolesLoginModule] Failed to load users/passwords/role files java.io.IOException: No properties file: users.properties or defaults: defaultUsers.properties found at org.jboss.security.auth.spi.Util.loadProperties(Util.java:198) at org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:186) at org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:200) at org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:127) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) at javax.security.auth.login.LoginContext.login(LoginContext.java:579) at org.jboss.security.plugins.auth.JaasSecurityManagerBase.defaultLogin(JaasSecurityManagerBase.java:552) at org.jboss.security.plugins.auth.JaasSecurityManagerBase.authenticate(JaasSecurityManagerBase.java:486) at org.jboss.security.plugins.auth.JaasSecurityManagerBase.isValid(JaasSecurityManagerBase.java:365) at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:160) at org.jboss.web.tomcat.security.JBossWebRealm.authenticate(JBossWebRealm.java:384) at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:181) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:491) at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92) at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126) at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:601) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) at java.lang.Thread.run(Thread.java:619) 2009-05-06 11:39:24,694 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] abort 2009-05-06 11:39:24,694 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.jboss-web-policy] Login failure javax.security.auth.login.LoginException: Missing users.properties file. at org.jboss.security.auth.spi.UsersRolesLoginModule.login(UsersRolesLoginModule.java:148) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) at javax.security.auth.login.LoginContext.login(LoginContext.java:579) at org.jboss.security.plugins.auth.JaasSecurityManagerBase.defaultLogin(JaasSecurityManagerBase.java:552) at org.jboss.security.plugins.auth.JaasSecurityManagerBase.authenticate(JaasSecurityManagerBase.java:486) at org.jboss.security.plugins.auth.JaasSecurityManagerBase.isValid(JaasSecurityManagerBase.java:365) at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:160) at org.jboss.web.tomcat.security.JBossWebRealm.authenticate(JBossWebRealm.java:384) at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:181) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:491) at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92) at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126) at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:601) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) at java.lang.Thread.run(Thread.java:619) 2009-05-06 11:39:24,726 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.jboss-web-policy] End isValid, false 2009-05-06 11:39:24,726 TRACE [org.jboss.web.tomcat.security.JBossWebRealm] User: DHC.Heldt is NOT authenticated 2009-05-06 11:39:24,726 TRACE [org.jboss.web.tomcat.security.JBossWebRealm] End authenticate, principal=null 2009-05-06 11:39:24,726 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Failed authenticate() test 2009-05-06 11:39:24,726 TRACE [org.jboss.security.SecurityRolesAssociation] Setting threadlocal:null 2009-05-06 11:39:24,726 TRACE [org.jboss.security.SecurityRolesAssociation] Setting threadlocal:null
I tried to log in with 'DHC.Heldt'. Why is it using "jboss-web-policy"? -
4. Re: JBossAS 5 and @WebService with BASIC authentication
fheldt May 6, 2009 8:08 AM (in response to fheldt)The package is:
import org.jboss.security.annotation.SecurityDomain; -
5. Re: JBossAS 5 and @WebService with BASIC authentication
jaikiran May 6, 2009 8:19 AM (in response to fheldt)"fheldt" wrote:
The package is:
import org.jboss.security.annotation.SecurityDomain;
For JBossAS-5.x, you need to use @org.jboss.ejb3.annotation.SecurityDomain http://www.jboss.org/file-access/default/members/jbossejb3/freezone/docs/tutorial/1.0.6/html/Security_and_Transactions_in_EJB3.html -
6. Re: JBossAS 5 and @WebService with BASIC authentication
fheldt May 11, 2009 10:33 AM (in response to fheldt)OK, i changed the annotation to @org.jboss.ejb3.annotation.SecurityDomain and gave it another try (under JbossAS 5.0.1.GS), but it didn't work either... :-(
Any hints?2009-05-08 09:59:24,164 DEBUG [org.apache.catalina.connector.MapperListener] Handle jboss.web:type=RequestProcessor,worker=http-localhost%2F127.0.0.1-8080,name=HttpRequest1 type : JMX.mbean.registered 2009-05-08 09:59:24,164 DEBUG [org.apache.catalina.connector.MapperListener] Handle jboss.web:type=RequestProcessor,worker=http-localhost%2F127.0.0.1-8080,name=HttpRequest1 type : JMX.mbean.registered 2009-05-08 09:59:24,181 TRACE [org.jboss.security.SecurityRolesAssociation] Setting threadlocal:{} 2009-05-08 09:59:24,181 TRACE [org.jboss.web.tomcat.security.JaccContextValve] MetaData:org.jboss.metadata.web.jboss.JBossWebMetaData@1f:principalToRoleSetMap{} 2009-05-08 09:59:24,196 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Security checking request GET /HCUCService/WebServiceEJB 2009-05-08 09:59:24,196 DEBUG [org.apache.catalina.realm.RealmBase] Checking constraint 'SecurityConstraint[WebServiceEJB]' against GET /WebServiceEJB --> false 2009-05-08 09:59:24,196 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Not subject to any constraint 2009-05-08 09:59:24,196 TRACE [org.jboss.web.tomcat.security.SecurityAssociationValve] Begin invoke, caller=null 2009-05-08 09:59:24,196 DEBUG [org.apache.catalina.core.StandardWrapper] Allocating non-STM instance 2009-05-08 09:59:24,196 TRACE [org.jboss.web.tomcat.security.RunAsListener] WebServiceEJB, runAs: null 2009-05-08 09:59:24,196 TRACE [org.jboss.web.tomcat.security.RunAsListener] WebServiceEJB, runAs: null 2009-05-08 09:59:24,212 TRACE [org.jboss.web.tomcat.security.RunAsListener] WebServiceEJB, runAs: null 2009-05-08 09:59:24,212 TRACE [org.jboss.web.tomcat.security.RunAsListener] WebServiceEJB, runAs: null 2009-05-08 09:59:24,274 DEBUG [org.apache.catalina.connector.MapperListener] Handle jboss.web:type=RequestProcessor,worker=http-localhost%2F127.0.0.1-8080,name=HttpRequest2 type : JMX.mbean.registered 2009-05-08 09:59:24,274 DEBUG [org.apache.catalina.connector.MapperListener] Handle jboss.web:type=RequestProcessor,worker=http-localhost%2F127.0.0.1-8080,name=HttpRequest2 type : JMX.mbean.registered 2009-05-08 09:59:24,274 TRACE [org.jboss.security.SecurityRolesAssociation] Setting threadlocal:{} 2009-05-08 09:59:24,274 TRACE [org.jboss.web.tomcat.security.JaccContextValve] MetaData:org.jboss.metadata.web.jboss.JBossWebMetaData@1f:principalToRoleSetMap{} 2009-05-08 09:59:24,274 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Security checking request GET /HCUCService/WebServiceEJB 2009-05-08 09:59:24,274 DEBUG [org.apache.catalina.realm.RealmBase] Checking constraint 'SecurityConstraint[WebServiceEJB]' against GET /WebServiceEJB --> false 2009-05-08 09:59:24,274 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Not subject to any constraint 2009-05-08 09:59:24,274 TRACE [org.jboss.web.tomcat.security.SecurityAssociationValve] Begin invoke, caller=null 2009-05-08 09:59:24,274 TRACE [org.jboss.web.tomcat.security.RunAsListener] WebServiceEJB, runAs: null 2009-05-08 09:59:24,274 TRACE [org.jboss.web.tomcat.security.RunAsListener] WebServiceEJB, runAs: null 2009-05-08 09:59:24,321 TRACE [org.jboss.web.tomcat.security.RunAsListener] WebServiceEJB, runAs: null 2009-05-08 09:59:24,321 TRACE [org.jboss.web.tomcat.security.RunAsListener] WebServiceEJB, runAs: null 2009-05-08 09:59:24,321 TRACE [org.jboss.web.tomcat.security.SecurityAssociationValve] End invoke, caller=null 2009-05-08 09:59:24,321 TRACE [org.jboss.security.SecurityRolesAssociation] Setting threadlocal:null 2009-05-08 09:59:24,321 TRACE [org.jboss.security.SecurityRolesAssociation] Setting threadlocal:null 2009-05-08 09:59:24,602 TRACE [org.jboss.web.tomcat.security.RunAsListener] WebServiceEJB, runAs: null 2009-05-08 09:59:24,602 TRACE [org.jboss.web.tomcat.security.RunAsListener] WebServiceEJB, runAs: null 2009-05-08 09:59:24,602 TRACE [org.jboss.web.tomcat.security.SecurityAssociationValve] End invoke, caller=null 2009-05-08 09:59:24,602 TRACE [org.jboss.security.SecurityRolesAssociation] Setting threadlocal:null 2009-05-08 09:59:24,602 TRACE [org.jboss.security.SecurityRolesAssociation] Setting threadlocal:null 2009-05-08 09:59:32,170 DEBUG [org.apache.catalina.session.ManagerBase] Start expire sessions StandardManager at 1241769572170 sessioncount 0 2009-05-08 09:59:32,170 DEBUG [org.apache.catalina.session.ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0 2009-05-08 09:59:32,170 DEBUG [org.apache.catalina.session.ManagerBase] Start expire sessions StandardManager at 1241769572170 sessioncount 0 2009-05-08 09:59:32,170 DEBUG [org.apache.catalina.session.ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0 2009-05-08 09:59:32,170 DEBUG [org.apache.catalina.session.ManagerBase] Start expire sessions StandardManager at 1241769572170 sessioncount 0 2009-05-08 09:59:32,170 DEBUG [org.apache.catalina.session.ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0 2009-05-08 09:59:32,171 DEBUG [org.apache.catalina.session.ManagerBase] Start expire sessions StandardManager at 1241769572171 sessioncount 0 2009-05-08 09:59:32,171 DEBUG [org.apache.catalina.session.ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0 2009-05-08 09:59:34,989 TRACE [org.jboss.security.SecurityRolesAssociation] Setting threadlocal:{} 2009-05-08 09:59:34,990 TRACE [org.jboss.web.tomcat.security.JaccContextValve] MetaData:org.jboss.metadata.web.jboss.JBossWebMetaData@1f:principalToRoleSetMap{} 2009-05-08 09:59:34,990 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Security checking request POST /HCUCService/WebServiceEJB 2009-05-08 09:59:34,990 DEBUG [org.apache.catalina.realm.RealmBase] Checking constraint 'SecurityConstraint[WebServiceEJB]' against POST /WebServiceEJB --> true 2009-05-08 09:59:34,990 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Calling hasUserDataPermission() 2009-05-08 09:59:34,990 DEBUG [org.apache.catalina.realm.RealmBase] User data constraint has no restrictions 2009-05-08 09:59:35,037 TRACE [org.jboss.security.plugins.authorization.JBossAuthorizationContext] Control flag for entry:org.jboss.security.authorization.config.AuthorizationModuleEntry{org.jboss.security.authorization.modules.JACCAuthorizationModule:{}REQUIRED}is:[REQUIRED] 2009-05-08 09:59:35,081 TRACE [org.jboss.security.authorization.modules.web.WebJACCPolicyModuleDelegate] resourceCheck=false : userDataCheck=true : roleRefCheck=false 2009-05-08 09:59:35,081 TRACE [org.jboss.security.authorization.modules.web.WebJACCPolicyModuleDelegate] hasUserDataPermission, p=(javax.security.jacc.WebUserDataPermission / POST) 2009-05-08 09:59:35,081 TRACE [org.jboss.security.authorization.modules.web.WebJACCPolicyModuleDelegate] Denied: (javax.security.jacc.WebUserDataPermission / POST) 2009-05-08 09:59:35,081 TRACE [org.jboss.security.plugins.authorization.JBossAuthorizationContext] REQUIRED failed for Name=org.jboss.security.authorization.modules.JACCAuthorizationModule:subject=Betreff: :role=Roles() 2009-05-08 09:59:35,081 TRACE [org.jboss.security.plugins.authorization.JBossAuthorizationContext] Error in authorize: org.jboss.security.authorization.AuthorizationException: Authorization Failed: at org.jboss.security.plugins.authorization.JBossAuthorizationContext.invokeAuthorize(JBossAuthorizationContext.java:263) at org.jboss.security.plugins.authorization.JBossAuthorizationContext.access$000(JBossAuthorizationContext.java:67) at org.jboss.security.plugins.authorization.JBossAuthorizationContext$1.run(JBossAuthorizationContext.java:152) at java.security.AccessController.doPrivileged(Native Method) at org.jboss.security.plugins.authorization.JBossAuthorizationContext.authorize(JBossAuthorizationContext.java:148) at org.jboss.security.plugins.JBossAuthorizationManager.internalAuthorization(JBossAuthorizationManager.java:474) at org.jboss.security.plugins.JBossAuthorizationManager.authorize(JBossAuthorizationManager.java:124) at org.jboss.security.plugins.javaee.WebAuthorizationHelper.hasUserDataPermission(WebAuthorizationHelper.java:201) at org.jboss.web.tomcat.security.JBossWebRealm.hasUserDataPermission(JBossWebRealm.java:643) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:461) at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92) at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126) at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:601) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) at java.lang.Thread.run(Unknown Source) 2009-05-08 09:59:35,081 TRACE [org.jboss.security.plugins.javaee.WebAuthorizationHelper] hasRole check failed:Authorization Failed: org.jboss.security.authorization.AuthorizationException: Authorization Failed: at org.jboss.security.plugins.authorization.JBossAuthorizationContext.invokeAuthorize(JBossAuthorizationContext.java:263) at org.jboss.security.plugins.authorization.JBossAuthorizationContext.access$000(JBossAuthorizationContext.java:67) at org.jboss.security.plugins.authorization.JBossAuthorizationContext$1.run(JBossAuthorizationContext.java:152) at java.security.AccessController.doPrivileged(Native Method) at org.jboss.security.plugins.authorization.JBossAuthorizationContext.authorize(JBossAuthorizationContext.java:148) at org.jboss.security.plugins.JBossAuthorizationManager.internalAuthorization(JBossAuthorizationManager.java:474) at org.jboss.security.plugins.JBossAuthorizationManager.authorize(JBossAuthorizationManager.java:124) at org.jboss.security.plugins.javaee.WebAuthorizationHelper.hasUserDataPermission(WebAuthorizationHelper.java:201) at org.jboss.web.tomcat.security.JBossWebRealm.hasUserDataPermission(JBossWebRealm.java:643) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:461) at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92) at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126) at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:601) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) at java.lang.Thread.run(Unknown Source) 2009-05-08 09:59:35,081 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Failed hasUserDataPermission() test 2009-05-08 09:59:35,081 TRACE [org.jboss.security.SecurityRolesAssociation] Setting threadlocal:null 2009-05-08 09:59:35,081 TRACE [org.jboss.security.SecurityRolesAssociation] Setting threadlocal:null
-
7. Re: JBossAS 5 and @WebService with BASIC authentication
jaikiran May 13, 2009 12:05 PM (in response to fheldt)2009-05-06 11:39:24,648 TRACE [org.jboss.web.tomcat.security.JBossWebRealm] Begin authenticate, user
name=DHC.Heldt
2009-05-06 11:39:24,648 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.jboss-web-pol
icy] Begin isValid, principal:DHC.Heldt, cache info: null
2009-05-06 11:39:24,648 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.jboss-web-pol
icy] defaultLogin, principal=DHC.Heldt
2009-05-06 11:39:24,648 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin getAppConfigu
rationEntry(jboss-web-policy), size=11
From what i see, the flow is not yet reaching the EJB layer. Its failing at the web level. Do you have any security constraints in the web.xml file and do you have a jboss-web.xml file? What are its contents? -
8. Re: JBossAS 5 and @WebService with BASIC authentication
fheldt May 18, 2009 6:03 AM (in response to fheldt)First, the deployed jar has neither web.xml or jboss-web.xml.
Second, the log you quote is from the @org.jboss.security.annotation.SecurityDomain version, the version with @org.jboss.ejb3.annotation.SecurityDomain hasn't even a single trace of the login name.
Looking at the log i find this entry before the error suspicious:2009-05-08 09:59:35,081 TRACE [org.jboss.security.plugins.authorization.JBossAuthorizationContext] REQUIRED failed for Name=org.jboss.security.authorization.modules.JACCAuthorizationModule:subject=Betreff::role=Roles()
-
9. Re: JBossAS 5 and @WebService with BASIC authentication
bondchan921 Nov 15, 2012 8:34 PM (in response to fheldt)Have you solve this issue ? I have the same issue now