1 2 Previous Next 22 Replies Latest reply: Aug 10, 2012 12:05 AM by Veer Muchandi Go to original post RSS
      • 15. Re: Authorizations @RolesAllowed(... @RunAs(..
        Veer Muchandi Newbie

        Hi Stephen

         

        I have configured my JBoss to use database as my JaaS login mechanism. When I register users from my business application, I am storing them in the database (Principals table) and the same user is used for authentication from JaaS. So, I cannot avoid DatabaseServerLoginModule for my testing.

         

        I am testing EJBs that use getUserPrincipal() and isCallerInRole() methods.

         

        Thanks

        Veer

        • 16. Re: Authorizations @RolesAllowed(... @RunAs(..
          Stephen Coy Master

          Ok. I understand your issue. Is there a stacktrace associated with the NotSerializableException?

          • 17. Re: Authorizations @RolesAllowed(... @RunAs(..
            Veer Muchandi Newbie

            Thanks Stephen. Here is the stack trace. I think the issue is not DatabaseServerLoginModule. I think this MapCallback is related to Digest authentication. In any case, I will let you look at it.

             

             

             

            java.lang.IllegalStateException: Error launching test com.myco.UserManagement.test.UserMgmtServiceTest public void com.myco.UserManagement.test.UserMgmtServiceTest.testFindUser() throws java.lang.Exception

                      at org.jboss.arquillian.protocol.servlet.ServletMethodExecutor.invoke(ServletMethodExecutor.java:122)

                      at org.jboss.arquillian.container.test.impl.execution.RemoteTestExecuter.execute(RemoteTestExecuter.java:120)

                      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

                      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)

                      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

                      at java.lang.reflect.Method.invoke(Method.java:601)

                      at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90)

                      at org.jboss.arquillian.core.impl.EventContextImpl.invokeObservers(EventContextImpl.java:99)

                      at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:81)

                      at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:134)

                      at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:114)

                      at org.jboss.arquillian.core.impl.EventImpl.fire(EventImpl.java:67)

                      at org.jboss.arquillian.container.test.impl.execution.ClientTestExecuter.execute(ClientTestExecuter.java:57)

                      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

                      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)

                      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

                      at java.lang.reflect.Method.invoke(Method.java:601)

                      at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90)

                      at org.jboss.arquillian.core.impl.EventContextImpl.invokeObservers(EventContextImpl.java:99)

                      at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:81)

                      at org.jboss.arquillian.container.test.impl.client.ContainerEventController.createContext(ContainerEventController.java:130)

                      at org.jboss.arquillian.container.test.impl.client.ContainerEventController.createTestContext(ContainerEventController.java:117)

                      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

                      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)

                      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

                      at java.lang.reflect.Method.invoke(Method.java:601)

                      at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90)

                      at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:88)

                      at org.jboss.arquillian.test.impl.TestContextHandler.createTestContext(TestContextHandler.java:82)

                      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

                      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)

                      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

                      at java.lang.reflect.Method.invoke(Method.java:601)

                      at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90)

                      at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:88)

                      at org.jboss.arquillian.test.impl.TestContextHandler.createClassContext(TestContextHandler.java:68)

                      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

                      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)

                      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

                      at java.lang.reflect.Method.invoke(Method.java:601)

                      at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90)

                      at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:88)

                      at org.jboss.arquillian.test.impl.TestContextHandler.createSuiteContext(TestContextHandler.java:54)

                      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

                      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)

                      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

                      at java.lang.reflect.Method.invoke(Method.java:601)

                      at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90)

                      at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:88)

                      at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:134)

                      at org.jboss.arquillian.test.impl.EventTestRunnerAdaptor.test(EventTestRunnerAdaptor.java:111)

                      at org.jboss.arquillian.junit.Arquillian$6.evaluate(Arquillian.java:239)

                      at org.jboss.arquillian.junit.Arquillian$4.evaluate(Arquillian.java:202)

                      at org.jboss.arquillian.junit.Arquillian.multiExecute(Arquillian.java:290)

                      at org.jboss.arquillian.junit.Arquillian.access$100(Arquillian.java:45)

                      at org.jboss.arquillian.junit.Arquillian$5.evaluate(Arquillian.java:216)

                      at org.junit.rules.ExpectedException$ExpectedExceptionStatement.evaluate(ExpectedException.java:110)

                      at org.junit.rules.RunRules.evaluate(RunRules.java:18)

                      at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)

                      at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)

                      at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)

                      at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)

                      at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)

                      at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)

                      at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)

                      at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)

                      at org.jboss.arquillian.junit.Arquillian$2.evaluate(Arquillian.java:161)

                      at org.jboss.arquillian.junit.Arquillian.multiExecute(Arquillian.java:290)

                      at org.jboss.arquillian.junit.Arquillian.access$100(Arquillian.java:45)

                      at org.jboss.arquillian.junit.Arquillian$3.evaluate(Arquillian.java:175)

                      at org.junit.runners.ParentRunner.run(ParentRunner.java:300)

                      at org.jboss.arquillian.junit.Arquillian.run(Arquillian.java:123)

                      at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:50)

                      at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)

                      at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:467)

                      at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683)

                      at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390)

                      at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197)

            Caused by: java.io.WriteAbortedException: writing aborted; java.io.NotSerializableException: org.jboss.security.auth.callback.MapCallback

                      at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1351)

                      at java.io.ObjectInputStream.readObject(ObjectInputStream.java:369)

                      at org.jboss.arquillian.test.spi.ExceptionProxy.readExternal(ExceptionProxy.java:300)

                      at java.io.ObjectInputStream.readExternalData(ObjectInputStream.java:1810)

                      at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1769)

                      at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1347)

                      at java.io.ObjectInputStream.readObject(ObjectInputStream.java:369)

                      at org.jboss.arquillian.test.spi.ExceptionProxy.readExternal(ExceptionProxy.java:295)

                      at java.io.ObjectInputStream.readExternalData(ObjectInputStream.java:1810)

                      at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1769)

                      at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1347)

                      at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:1964)

                      at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:1888)

                      at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1771)

                      at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1347)

                      at java.io.ObjectInputStream.readObject(ObjectInputStream.java:369)

                      at org.jboss.arquillian.protocol.servlet.ServletMethodExecutor.execute(ServletMethodExecutor.java:214)

                      at org.jboss.arquillian.protocol.servlet.ServletMethodExecutor.executeWithRetry(ServletMethodExecutor.java:140)

                      at org.jboss.arquillian.protocol.servlet.ServletMethodExecutor.invoke(ServletMethodExecutor.java:118)

                      ... 77 more

            Caused by: java.io.NotSerializableException: org.jboss.security.auth.callback.MapCallback

                      at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1180)

                      at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java:1528)

                      at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:1493)

                      at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1416)

                      at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1174)

                      at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:346)

                      at org.jboss.arquillian.test.spi.ExceptionProxy.writeExternal(ExceptionProxy.java:358)

                      at java.io.ObjectOutputStream.writeExternalData(ObjectOutputStream.java:1443)

                      at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1414)

                      at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1174)

                      at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:346)

                      at org.jboss.arquillian.test.spi.ExceptionProxy.writeExternal(ExceptionProxy.java:341)

                      at java.io.ObjectOutputStream.writeExternalData(ObjectOutputStream.java:1443)

                      at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1414)

                      at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1174)

                      at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java:1528)

                      at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:1493)

                      at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1416)

                      at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1174)

                      at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:346)

                      at org.jboss.arquillian.protocol.servlet.runner.ServletTestRunner.writeObject(ServletTestRunner.java:229)

                      at org.jboss.arquillian.protocol.servlet.runner.ServletTestRunner.executeTest(ServletTestRunner.java:163)

                      at org.jboss.arquillian.protocol.servlet.runner.ServletTestRunner.execute(ServletTestRunner.java:126)

                      at org.jboss.arquillian.protocol.servlet.runner.ServletTestRunner.doGet(ServletTestRunner.java:90)

                      at javax.servlet.http.HttpServlet.service(HttpServlet.java:734)

                      at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)

                      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329)

                      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)

                      at org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationPropagationFilter.java:62)

                      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)

                      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)

                      at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275)

                      at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161)

                      at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50)

                      at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153)

                      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155)

                      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)

                      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)

                      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368)

                      at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877)

                      at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671)

                      at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930)

                      at java.lang.Thread.run(Thread.java:722)

            • 18. Re: Authorizations @RolesAllowed(... @RunAs(..
              Stephen Coy Master

              Hmm,

               

              All I can suggest at this point is that you grab a copy of RFC2617Digest.java and MapCallback.java from the PicketBox project and make Serializable versions of them.

               

              Ideally, you would make a patch available back to the PicketBox project.

              • 19. Re: Authorizations @RolesAllowed(... @RunAs(..
                Veer Muchandi Newbie

                Thanks Stephen.

                 

                I just seem to have found a workaround for this.

                 

                1. I have modified your code (JBossLoginContextFactory) to support "org.jboss.security.auth.spi.DatabaseServerLoginModule" as shown below. I am calling this method instead of createUsersRolesLoginModuleConfigEntry() while creating  AppConfigurationEntry[].

                    

                     private AppConfigurationEntry createDatabaseModuleConfigEntry() {

                                 Map<String, String> options = new HashMap<String, String>();

                                 options.put("dsJndiName", "java:jboss/datasources/MysqlDS");

                                 options.put("principalsQuery", "select Password from Principals where PrincipalID=?");

                                 options.put("rolesQuery", "select Role, RoleGroup from Roles where PrincipalID=?");

                            return new AppConfigurationEntry("org.jboss.security.auth.spi.DatabaseServerLoginModule",

                                    AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);

                        }

                2. As I am using digest authentication, my password is encrypted in the database. So while passing the password from my test case, I am encrypting and passing the password as shown below.

                LoginContext loginContext = JBossLoginContextFactory.createLoginContext("username", md5Hex("my_username"+":"+PropertyManager.getProp("realm")+":"+"my_password"));

                 

                Now the log-in is successful !! So now I can use database as well as digest users. I will send the modified JBossLoginContextFactory, if you want to post it to code samples.

                 

                 

                Thanks a lot for your help and guidance. Your code helped me solve a nagging issue.

                 

                Veer Muchandi

                • 20. Re: Authorizations @RolesAllowed(... @RunAs(..
                  b69 Newbie

                  Hi Stephen,

                  1. I’m back on the problem.
                  2. I need to setup security on AS7.1 fist, which I haven’t done yet.
                  3. But I had setup for glassfish embedded, where the tests ran without security Annotations in the EJB.
                  4. So, this was my starting point. For this environment, I must say: no it doesn’t help.
                  5. I’ll attach some traces rather to highlight the problems found, than expecting an immediate help. Though of course getting it would be very nice.
                  6. I tried to inject the SessionContext, once with @Resource, and also with @Inject. Both cases fails with:
                    23.07.2012 17:01:25 org.glassfish.deployment.admin.DeployCommand execute
                    SCHWERWIEGEND: Exception while loading the app : WELD-001408 Unsatisfied dependencies for type [SessionContext] with qualifiers [@Default] at injection point [[field] @Inject ch.commcity.monterosa.ejb.impl.ProjectBeanTest.sessionContext]
                    org.jboss.weld.exceptions.DeploymentException: WELD-001408 Unsatisfied dependencies for type [SessionContext] with qualifiers [@Default] at injection point [[field] @Inject ch.commcity.monterosa.ejb.impl.ProjectBeanTest.sessionContext]
                  7. Conclusion, The SessionContext is not available. But Maybe I have the EJBContext! But this is neither the case:
                    23.07.2012 17:39:27 org.glassfish.deployment.admin.DeployCommand execute
                    SCHWERWIEGEND: Exception while loading the app : WELD-001408 Unsatisfied dependencies for type [EJBContext] with qualifiers [@Default] at injection point [[field] @Inject ch.commcity.monterosa.ejb.impl.ProjectBeanTest.ejbContext]
                    org.jboss.weld.exceptions.DeploymentException: WELD-001408 Unsatisfied dependencies for type [EJBContext] with qualifiers [@Default] at injection point [[field] @Inject ch.commcity.monterosa.ejb.impl.ProjectBeanTest.ejbContext]

                  I do setup the bean.xml with Shrinkwrap as follows:
                  @Deployment
                  public static JavaArchive createDeployment() {
                  JavaArchive arch = ShrinkWrap.create(JavaArchive.class, EJBProjectBeantest.jar");
                  arch.addPackage(Facets.class.getPackage());
                  arch.addPackage(DocumentKind.class.getPackage());
                  arch.addPackage(Projects.class.getPackage());
                  arch.addPackage(BusinessPersistencyException.class.getPackage());
                  arch.addPackage(ProjectBean.class.getPackage());
                  arch.addPackage(Project.class.getPackage());
                  arch.addAsResource("ldap.properties");
                  arch.addAsResource("enumKeyWords.properties");
                  arch.addAsManifestResource(EmptyAsset.INSTANCE, "beans.xml");
                  arch.addAsResource("test-persistence.xml", "META-INF/persistence.xml");
                  return arch;
                  }

                  I hope I can contribute with this for future smoother test setup.

                  • 21. Re: Authorizations @RolesAllowed(... @RunAs(..
                    Stephen Coy Master

                    You will only get a SessionContext if the bean is @Stateless or @Stateful or @Singleton. All of those WELD messages suggest that this may not be the case.

                    • 22. Re: Authorizations @RolesAllowed(... @RunAs(..
                      Veer Muchandi Newbie

                      Hi Stephen

                       

                      I realized that the change I made to the JBossLoginContextFactory to is not sufficient to support DatabaseServerLoginModule. As you can see below, I have just replaced the createUsersRolesLoginModuleConfigEntry() with       createDatabaseModuleConfigEntry().

                       

                       

                      public class JBossLoginContextFactory {

                       

                       

                          static class NamePasswordCallbackHandler implements CallbackHandler {

                              private  final String username;

                              private  final String password;

                       

                       

                       

                       

                              private NamePasswordCallbackHandler(String username, String password) {

                                  this.username = username;

                                  this.password = password;

                              }

                             

                       

                       

                              public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {

                                  for (Callback current : callbacks) {

                                      if (current instanceof NameCallback) {

                                          ((NameCallback) current).setName(username);

                                      } else if (current instanceof PasswordCallback) {

                                          ((PasswordCallback) current).setPassword(password.toCharArray());

                                      } else {

                                          throw new UnsupportedCallbackException(current);

                                      }

                                  }

                              }

                          }

                       

                       

                          static class JBossJaasConfiguration extends Configuration {

                              private final String configurationName;

                       

                       

                              JBossJaasConfiguration(String configurationName) {

                                  this.configurationName = configurationName;

                              }

                       

                       

                              @Override

                              public AppConfigurationEntry[] getAppConfigurationEntry(String name) {

                                  if (!configurationName.equals(name)) {

                                      throw new IllegalArgumentException("Unexpected configuration name '" + name + "'");

                                  }

                       

                       

                                  return new AppConfigurationEntry[] {

                                 

                      //replaced the UserRolesLoginModule with DatabaseServerLoginModule

                      //            createUsersRolesLoginModuleConfigEntry(),

                                  createDatabaseModuleConfigEntry(),

                       

                       

                                  createClientLoginModuleConfigEntry(),

                       

                       

                                  };

                              }

                       

                       

                       

                       

                              private AppConfigurationEntry createDatabaseModuleConfigEntry() {

                                  Map<String, String> options = new HashMap<String, String>();

                                  options.put("dsJndiName", "java:jboss/datasources/MysqlDS");

                                  options.put("principalsQuery", "select Password from Principals where PrincipalID=?");

                                  options.put("rolesQuery", "select Role, RoleGroup from Roles where PrincipalID=?");

                                 

                                 

                                  return new AppConfigurationEntry("org.jboss.security.auth.spi.DatabaseServerLoginModule",

                                          AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);

                              }

                             

                              /**

                               * The {@link org.jboss.security.auth.spi.UsersRolesLoginModule} creates the association between users and

                               * roles.

                               *

                               * @return

                               */

                              private AppConfigurationEntry createUsersRolesLoginModuleConfigEntry() {

                                  Map<String, String> options = new HashMap<String, String>();

                                  return new AppConfigurationEntry("org.jboss.security.auth.spi.UsersRolesLoginModule",

                                          AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);

                              }

                       

                       

                              /**

                               * The {@link org.jboss.security.ClientLoginModule} associates the user credentials with the

                               * {@link org.jboss.security.SecurityContext} where the JBoss security runtime can find it.

                               *

                               * @return

                               */

                              private AppConfigurationEntry createClientLoginModuleConfigEntry() {

                                  Map<String, String> options = new HashMap<String, String>();

                                  options.put("multi-threaded", "true");

                                  options.put("restore-login-identity", "true");

                       

                       

                                  return new AppConfigurationEntry("org.jboss.security.ClientLoginModule",

                                          AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);

                              }

                          }

                       

                       

                       

                      This change takes care of  loginContext.login() call. This call is successful. But the  Subject.doAs method is throwing an exception.

                       

                      Subject.doAs(loginContext.getSubject(), new PrivilegedAction<Void>() {

                                          

                                                                                                                                 public Void run(){

                                                                                                                                            // I am performing privileged operation here

                                                                                                                                            return null;

                                                                    

                       

                                                                                                                                 } });

                       

                       

                      Exception:

                      Caused by: javax.security.auth.callback.UnsupportedCallbackException: PB00008: Unrecognized Callback

                                at org.jboss.security.auth.callback.JBossCallbackHandler.handleCallBack(JBossCallbackHandler.java:138) [picketbox-4.0.7.Final.jar:4.0.7.Final]

                                at org.jboss.security.auth.callback.JBossCallbackHandler.handle(JBossCallbackHandler.java:87) [picketbox-4.0.7.Final.jar:4.0.7.Final]

                                at javax.security.auth.login.LoginContext$SecureCallbackHandler$1.run(LoginContext.java:969) [rt.jar:1.7.0]

                                at javax.security.auth.login.LoginContext$SecureCallbackHandler$1.run(LoginContext.java:966) [rt.jar:1.7.0]

                                at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0]

                                at javax.security.auth.login.LoginContext$SecureCallbackHandler.handle(LoginContext.java:965) [rt.jar:1.7.0]

                                at org.jboss.security.auth.spi.UsernamePasswordLoginModule.createPasswordHash(UsernamePasswordLoginModule.java:458) [picketbox-4.0.7.Final.jar:4.0.7.Final]

                                ... 151 more

                       

                       

                      As you can see above, it is still trying to use UsernamePasswordLoginModule instead of DatabaseServerLoginModule.

                       

                      Can you please suggest what additional changes I need to make to the JBossLoginContextFactory to fix this issue? I am guessing that I need to make some changes to NamePasswordCallBackHandler() and/or the handle() methods in your code. I appreciate your help.

                      1 2 Previous Next