3 Replies Latest reply on Sep 11, 2013 4:53 AM by ybxiang.china

    JAAS security Realm issue(can't login)

    admin

      Hello everyone,

      I'm migrating an application to JBoss 7.1.1 final. In order to use the Jaas,  I defined a security domaine as below in the standalone.xml.

                      <security-domain name="other" cache-type="default">

      <authentication>

      <login-module code="Remoting" flag="optional">

                                  <module-option name="password-stacking" value="useFirstPass"/>

      </login-module>

      <login-module code="RealmUsersRoles" flag="required">

      <module-option name="usersProperties" value="${jboss.server.config.dir}/application-users.properties"/>

      <module-option name="rolesProperties" value="${jboss.server.config.dir}/application-roles.properties"/>

      <module-option name="realm" value="ApplicationRealm"/>

      <module-option name="password-stacking" value="useFirstPass"/>

      </login-module>

      </authentication>

      </security-domain>

      Then I created a user and affect him to the realm “ApplicationRealm” with a role “ADMIN, USER”. And in the jboss-app.xml file of my ear, I defined his security domain valued with “other”

      <jboss-app>

             <security-domain>other</security-domain>

             <loader-repository>com.tt.airman:framework=framework.ear

             </loader-repository>

      </jboss-app>

      The context root is "airman/framework". But when I try to login with my user using http://localhost:8080/airman/framework/. I’ve always an error on the console saying "password incorrect". I'm sure that the password and user name are correct. Does anyone have an idea? Tks in advance.

      22:57:39,963 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http-localhost-127.0.0.1-8080-1) Login failure: javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required

             at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:270) [picketbox-4.0.7.Final.jar:4.0.7.Final]

             at org.jboss.security.auth.spi.UsersRolesLoginModule.login(UsersRolesLoginModule.java:155) [picketbox-4.0.7.Final.jar:4.0.7.Final]

             at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.6.0_26]

             at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [rt.jar:1.6.0_26]

             at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [rt.jar:1.6.0_26]

             at java.lang.reflect.Method.invoke(Method.java:597) [rt.jar:1.6.0_26]

             at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769) [rt.jar:1.6.0_26]

             at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [rt.jar:1.6.0_26]

             at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [rt.jar:1.6.0_26]

             at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.6.0_26]

             at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [rt.jar:1.6.0_26]

             at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [rt.jar:1.6.0_26]

             at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:449) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]

             at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:383) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]

             at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:371) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]

             at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:160) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]

             at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:214) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]

             at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:180) [jbossweb-7.0.13.Final.jar:]

             at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:455) [jbossweb-7.0.13.Final.jar:]

             at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50) [jboss-as-jpa-7.1.1.Final.jar:7.1.1.Final]

             at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]

             at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:]

             at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:]

             at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:]

             at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:]

             at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:]

             at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:]

             at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:]

             at java.lang.Thread.run(Thread.java:662) [rt.jar:1.6.0_26]