2 Replies Latest reply on Jan 15, 2008 8:37 AM by Fabrizio Di Fonzo

    Authentication problem.

    Fabrizio Di Fonzo Newbie

      Hello everybody,
      I'm using jboss 4.2.2 and I've deployed a simple webservice as a pojo. When my webservice tries to access to an ejb I get the following error:

      javax.xml.rpc.ServiceException: java.rmi.AccessException: SecurityException; nested exception is:
       javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
       at ztc.webservice.WEBServiceImpl.init(Unknown Source)
       at org.jboss.wsf.container.jboss42.DefaultInvocationHandlerJAXRPC.invoke(DefaultInvocationHandlerJAXRPC.java:52)
       at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:220)
       at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:408)
       at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:272)
       at org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:189)
       at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:122)
       at org.jboss.wsf.stack.jbws.EndpointServlet.service(EndpointServlet.java:84)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
       at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
       at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
       at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
       at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
       at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
       at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
       at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
       at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
       at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
       at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
       at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
       at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
       at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
       at java.lang.Thread.run(Thread.java:595)
      Caused by: java.rmi.AccessException: SecurityException; nested exception is:
       javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
       at org.jboss.ejb.plugins.LogInterceptor.handleException(LogInterceptor.java:388)
       at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:136)
       at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyFactoryFinderInterceptor.java:107)
       at org.jboss.ejb.SessionContainer.internalInvokeHome(SessionContainer.java:637)
       at org.jboss.ejb.Container.invoke(Container.java:981)
       at sun.reflect.GeneratedMethodAccessor102.invoke(Unknown Source)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
       at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
       at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
       at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
       at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
       at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
       at org.jboss.invocation.local.LocalInvoker$MBeanServerAction.invoke(LocalInvoker.java:169)
       at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:118)
       at org.jboss.invocation.InvokerInterceptor.invokeLocal(InvokerInterceptor.java:209)
       at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:195)
       at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:61)
       at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:70)
       at org.jboss.proxy.ejb.HomeInterceptor.invoke(HomeInterceptor.java:184)
       at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:100)
       at $Proxy77.create(Unknown Source)
       ... 27 more
      Caused by: javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
       at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:213)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
       at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
       at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
       at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
       at java.security.AccessController.doPrivileged(Native Method)
       at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
       at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
       at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:603)
       at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:537)
       at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344)
       at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:211)
       at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:135)
       at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:132)
      
      

      My web.xml looks like this:

      <?xml version="1.0" encoding="UTF-8"?>
      <web-app xmlns="http://java.sun.com/xml/ns/j2ee"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
       version="2.4">
      
      
       <servlet>
       <servlet-name>WEBServiceServlet</servlet-name>
       <servlet-class>ztc.webservice.WEBServiceImpl</servlet-class>
       </servlet>
      
       <servlet-mapping>
       <servlet-name>WEBServiceServlet</servlet-name>
       <url-pattern>/ZTCWEBService</url-pattern>
       </servlet-mapping>
      
      </web-app>


      I've added the following jboss-web.xml to my war:

      <?xml version="1.0" encoding="UTF-8"?>
      <jboss-web>
       <security-domain>java:/jaas/JBossWS</security-domain>
      </jboss-web>


      But I get the same error.
      Note that my login-config looks like this:

      <application-policy name="JBossWS">
       <authentication>
       <login-module code = "org.jboss.security.ClientLoginModule"
       flag = "required">
       <module-option name="multi-threaded" >true</module-option>
       </login-module>
       <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
       flag="required">
       <module-option name="usersProperties">props/jbossws-users.properties</module-option>
       <module-option name="rolesProperties">props/jbossws-roles.properties</module-option>
       <module-option name="unauthenticatedIdentity">anonymous</module-option>
       </login-module>
       </authentication>
       </application-policy>
      

      Can anyone tell me where the mistake is?

      Tanks a lot, Fabrizio.

        • 1. Re: Authentication problem.
          Ilya Romanenko Newbie

          post part code where you do ws invoke

          • 2. Re: Authentication problem.
            Fabrizio Di Fonzo Newbie

            Hi rukus,
            here's the part of code of my pojo invoking EJB:

            public class WEBServiceImpl implements WEBService, ServiceLifecycle, CodeControl {
             ...............
             ..............
            
             public void init(Object arg0) throws ServiceException {
             InitialContext initCtx = null;
            
             try{
            
             initCtx = new InitialContext();
            
             FastLaneHome home = (FastLaneHome) PortableRemoteObject.narrow(initCtx.lookup("FastLane"), FastLaneHome.class);
            
             fastlane = (FastLane) home.create();
            
             }
            
             catch (CreateException e) {
            
             log.error("Creation error.");
            
             throw new ServiceException(e);
            
             }
            
             catch(NamingException ne) {
            
             log.error("ejbCreate() UNABLE to get a connection from FastLane");
            
             throw new ServiceException(ne);
            
             }
            
            
             catch(RemoteException re) {
            
             log.error("UNABLE to get a connection from FastLane");
            
             throw new ServiceException(re);
            
             }
            
             ...........
             ...........
            
             }
            
             ...........
             ...........
            
            }
            
            


            I'm using axis 1.4 to invoke the webservice. So the client looks like this:

            ZTCServerWEBServiceLocator locator = new ZTCServerWEBServiceLocator();
             stub = (WEBServiceBindingStub)locator.getWEBServicePort();
            
             stub.setUsername("myuser");
             stub.setPassword("mypwd");
            
             stub.myMethod();
            

            Consider that a similar approach worked fine with jboss-net. I'm indeed upgrading jboss 3.27 to jboss 4.2.2, thus I'm rewriting my old jboss-net based ws to jbossws.

            Many thanks, Fabrizio