2 Replies Latest reply on May 28, 2008 12:59 AM by Praveen Achuthan

    Help :CMP with encrypted Datasources in JBOSS 3.2.6 & 4.0.5

    Praveen Achuthan Newbie

      This is regarding access of datasources with security domain configured from a CMP entity bean.

      The summary of the problem is :CMP entity bean is failing to load having configured datasources with security domain.

      The exception is as below:
      java.lang.SecurityException: Invalid authentication attempt, principal=null
      at org.jboss.resource.connectionmanager.BaseConnectionManager2.getSubject(BaseConnectionManager2.java:666)
      at org.jboss.resource.connectionmanager.BaseConnectionManager2.allocateConnection(BaseConnectionManager2.java:495)
      at org.jboss.resource.connectionmanager.BaseConnectionManager2$ConnectionManagerProxy.allocateConnection(BaseConnectionManager2.java:887)
      at org.jboss.resource.adapter.jdbc.WrapperDataSource.getConnection(WrapperDataSource.java:102)
      at org.jboss.ejb.plugins.cmp.jdbc.SQLUtil.fixTableName(SQLUtil.java:159)
      at org.jboss.ejb.plugins.cmp.jdbc.bridge.JDBCEntityBridge.init(JDBCEntityBridge.java:143)
      at org.jboss.ejb.plugins.cmp.jdbc.JDBCStoreManager.initStoreManager(JDBCStoreManager.java:420)
      at org.jboss.ejb.plugins.cmp.jdbc.JDBCStoreManager.start(JDBCStoreManager.java:353)
      at org.jboss.ejb.plugins.CMPPersistenceManager.start(CMPPersistenceManager.java:155)
      at org.jboss.ejb.EntityContainer.startService(EntityContainer.java:337)
      at org.jboss.system.ServiceMBeanSupport.jbossInternalStart(ServiceMBeanSupport.java:271)
      at org.jboss.system.ServiceMBeanSupport.jbossInternalLifecycle(ServiceMBeanSupport.java:221)
      at sun.reflect.GeneratedMethodAccessor2.invoke(Unknown Source)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:324)
      at org.jboss.mx.server.ReflectedDispatcher.dispatch(ReflectedDispatcher.java:60)
      at org.jboss.mx.server.Invocation.dispatch(Invocation.java:62)
      at org.jboss.mx.server.Invocation.dispatch(Invocation.java:54)
      at org.jboss.mx.server.Invocation.invoke(Invocation.java:82)
      at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:197)
      at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:473)
      at org.jboss.system.ServiceController$ServiceProxy.invoke(ServiceController.java:884)
      at $Proxy19.start(Unknown Source)
      at org.jboss.system.ServiceController.start(ServiceController.java:414)
      at sun.reflect.GeneratedMethodAccessor6.invoke(Unknown Source)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:324)
      at org.jboss.mx.server.ReflectedDispatcher.dispatch(ReflectedDispatcher.java:60)
      at org.jboss.mx.server.Invocation.dispatch(Invocation.java:62)
      at org.jboss.mx.server.Invocation.dispatch(Invocation.java:54)
      at org.jboss.mx.server.Invocation.invoke(Invocation.java:82)
      at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:197)
      at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:473)
      at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:176)
      at $Proxy42.start(Unknown Source)

      Is there any additional configuration that needs to be done for a CMP entity bean.

      The configuration details are as below.Following is the oracle-ds.xml

      <?xml version="1.0" encoding="UTF-8"?>

      <local-tx-datasource>
      <jndi-name>EntityMedia</jndi-name>
      <use-java-context>false</use-java-context>
      <connection-url>jdbc:oracle:thin:@TEST:1521:STEN4</connection-url>
      <driver-class>oracle.jdbc.driver.OracleDriver</driver-class>
      <security-domain>EncryptedTESTDbRealm</security-domain>
      <valid-connection-checker-class-name>org.jboss.resource.adapter.jdbc.vendor.OracleValidConnectionChecker</valid-connection-checker-class-name>
      <check-valid-connection-sql>select sysdate from dual</check-valid-connection-sql>
      <min-pool-size>10</min-pool-size>
      <max-pool-size>50</max-pool-size>
      <blocking-timeout-millis>30000</blocking-timeout-millis>
      <idle-timeout-minutes>15</idle-timeout-minutes>
      <exception-sorter-class-name>org.jboss.resource.adapter.jdbc.vendor.OracleExceptionSorter</exception-sorter-class-name>
      <track-statements>nowarn</track-statements>
      </local-tx-datasource>


      login-config.xml

      <application-policy name="EncryptedTESTDbRealm">

      <login-module code="org.jboss.resource.security.JaasSecurityDomainIdentityLoginModule" flag = "required">
      <module-option name="principal">test</module-option>
      <module-option name="username">test</module-option>
      <module-option name="password">2F1yKmeLvC7m6CTT3XHDyh</module-option>
      <module-option name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=EntityMedia</module-option>
      <module-option name="jaasSecurityDomain">jboss.security:service=JaasSecurityDomain,domain=ServerMasterPassword</module-option>
      </login-module>

      </application-policy>

      jboss-service.xml



      <!-- The opaque master password file used to decrypt the encrypted database password key -->
      {CLASS}org.jboss.security.plugins.FilePassword:${jboss.server.home.dir}/deploy/server.password
      test
      9705


      Please help with your views.