8 Replies Latest reply on Dec 30, 2011 3:46 AM by David Chokhonelidze

    JAAS Configuration

    David Chokhonelidze Newbie

      Hello,

       

      I am developing a web application on JBoss AS 7.1.CR1 and need to implement a JAAS LoginModule. On previous versions I know how to configure it via login-config.xml and jboss-web.xml, but on JBoss AS 7.1 I was not able to find documentation about it. Can you give me links to examples or tutorials about it?

        • 2. Re: JAAS Configuration
          David Chokhonelidze Newbie

          I have done the following configuration:

          In the standalone/configuration/standalone.xml file I added the following:

           

          <security-domain name="MySecurityDomain">
              <authentication>
                  <login-module code="com.david.MyLoginModule" flag="required"/>
              </authentication>
          </security-domain>

           

           

          In jboss-web.xml I configured the following:

           

           

          <jboss-web>
              <security-domain>java:/jaas/MySecurityDomain</security-domain>
          </jboss-web>

           

           

          And MyLoginModule is the following:

           

           

          package com.david;

          // Imports are not shown in the post; org.jboss.logging.Logger is an assumption.
          import java.util.Map;
          import javax.security.auth.Subject;
          import javax.security.auth.callback.Callback;
          import javax.security.auth.callback.CallbackHandler;
          import javax.security.auth.callback.NameCallback;
          import javax.security.auth.callback.PasswordCallback;
          import javax.security.auth.login.LoginException;
          import org.jboss.logging.Logger;
          import org.jboss.security.SimpleGroup;
          import org.jboss.security.SimplePrincipal;

          public class MyLoginModule extends org.jboss.security.auth.spi.UsersRolesLoginModule {

              private Logger log = Logger.getLogger(getClass());

              private Subject subject;
              private CallbackHandler callbackHandler;
              private Map<String, ?> sharedState;
              private Map<String, ?> options;

              private boolean loginOk;
              private boolean commitOk;

              private org.jboss.security.SimplePrincipal principal;

              public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState, Map<String, ?> options) {
                  // TODO Auto-generated method stub
                  this.subject = subject;
                  this.callbackHandler = callbackHandler;
                  this.sharedState = sharedState;
                  this.options = options;
              }

              public boolean login() throws LoginException {
                  try {

                      log.info("Authenticating...");
                      // Ask the container for the submitted username and password.
                      NameCallback nameCallback = new NameCallback("username");
                      PasswordCallback passwordCallback = new PasswordCallback("password", false);
                      Callback[] callbacks = new Callback[] { nameCallback, passwordCallback };
                      callbackHandler.handle(callbacks);
                      String username = nameCallback.getName();
                      String password = new String(passwordCallback.getPassword());
                      // Hard-coded credential check.
                      if (username.equals("admin") && password.equals("admin")) {
                          loginOk = true;
                          log.info("Authenticated");
                          principal = new SimplePrincipal(username);

                      } else {
                          log.info("Authentication failure");
                          loginOk = false;
                      }
                  } catch (Exception ex) {
                      loginOk = false;
                      log.error(ex.getMessage(), ex);
                  }
                  return loginOk;
              }

              @Override
              public boolean commit() throws LoginException {
                  try {
                      log.info("Commiting...");
                      // Put the authenticated principal into a "Roles" group and attach the group to the Subject.
                      org.jboss.security.SimpleGroup finaGroup=new SimpleGroup("Roles");
                      finaGroup.addMember(principal);
                      subject.getPrincipals().add(finaGroup);
                      commitOk = true;
                  } catch (Exception ex) {
                      log.error(ex.getMessage(), ex);
                      commitOk = false;
                  }
                  return commitOk;
              }

              @Override
              public boolean abort() throws LoginException {
                  log.info("Aborting...");
                  loginOk = false;
                  commitOk = false;
                  return false;
              }

              @Override
              public boolean logout() throws LoginException {
                  // TODO Auto-generated method stub
                  return false;
              }
          }

           

           

          But when I try to authenticate I get the following exception:

           

          {code}
          11:20:02,229 INFO  [com.david.MyLoginModule] (http--127.0.0.1-8080-1) Authenticating...
          11:20:02,232 INFO  [com.david.MyLoginModule] (http--127.0.0.1-8080-1) Authenticated
          11:20:02,233 INFO  [com.david.MyLoginModule] (http--127.0.0.1-8080-1) Commiting...
          11:20:02,243 ERROR [org.jboss.as.web.security.JBossWebRealm] (http--127.0.0.1-8080-1) Error during authenticate(String,String): java.lang.NullPointerException
                  at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:248) [jboss-as-web-7.1.0.CR1.jar:7.1.0.CR1]
                  at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:280) [jbossweb-7.0.7.Final.jar:]
                  at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:381) [jbossweb-7.0.7.Final.jar:]
                  at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50) [jboss-as-jpa-7.1.0.CR1.jar:7.1.0.CR1]
                  at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:151) [jboss-as-web-7.1.0.CR1.jar:7.1.0.CR1]
                  at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.7.Final.jar:]
                  at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.7.Final.jar:]
                  at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.7.Final.jar:]
                  at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362) [jbossweb-7.0.7.Final.jar:]
                  at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:897) [jbossweb-7.0.7.Final.jar:]
                  at org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:626) [jbossweb-7.0.7.Final.jar:]
                  at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:2033) [jbossweb-7.0.7.Final.jar:]
                  at java.lang.Thread.run(Thread.java:662) [:1.6.0_27]
          {/code}

           

          So what am I missing? I tried to implement a simple JAAS login module but the result is the same.

          • 3. Re: JAAS Configuration
            Nicklas Karlsson Master

            What line does the NPE come from?

            • 4. Re: JAAS Configuration
              David Chokhonelidze Newbie

              Can't understand your question

              • 5. Re: JAAS Configuration
                Nicklas Karlsson Master

                Have you debugged into

                            finaGroup.addMember(principal);
                            subject.getPrincipals().add(finaGroup);

                to see if principal is null at that point, or if anything in the second line evaluates to null, as there appears to be a NullPointerException?

                • 6. Re: JAAS Configuration
                  jaikiran pai Master

                  David Chokhonelidze wrote:

                   

                  <jboss-web>
                      <security-domain>java:/jaas/MySecurityDomain</security-domain>
                  </jboss-web>

                   

                   

                  This is wrong. You should just be using the security domain name:

                  <jboss-web>
                      <security-domain>MySecurityDomain</security-domain>
                  </jboss-web>

                  • 7. Re: JAAS Configuration
                    David Chokhonelidze Newbie

                    I tried it but the result is the same ((

                    • 8. Re: JAAS Configuration
                      David Chokhonelidze Newbie

                      I have added

                      subject.getPrincipals().add(principal);

                      in login() and it worked fine, thanks
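
The thread's resolution, that the authenticated user principal has to end up in the Subject's principal set, shown as a stand-alone JAAS run outside JBoss (an added example, not code from the thread or from JBoss). `JaasSubjectDemo`, `DemoLoginModule` and `UserPrincipal` are hypothetical names, and the principal is added in commit(), the usual JAAS phase for it, rather than in login() as in the last reply:

```java
import java.security.Principal;
import java.util.*;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.LoginModule;
public class JaasSubjectDemo {
    static final class UserPrincipal implements Principal { // hypothetical stand-in for SimplePrincipal
        private final String name;
        UserPrincipal(String name) { this.name = name; }
        @Override public String getName() { return name; }
    }
    public static class DemoLoginModule implements LoginModule {
        private Subject subject; private CallbackHandler handler; private Principal principal;
        @Override public void initialize(Subject s, CallbackHandler h, Map<String, ?> st, Map<String, ?> opts) {
            subject = s; handler = h;
        }
        @Override public boolean login() throws LoginException {
            NameCallback name = new NameCallback("username");
            PasswordCallback pass = new PasswordCallback("password", false);
            try { handler.handle(new Callback[] { name, pass }); }
            catch (Exception e) { throw new LoginException("callback failed: " + e); }
            // Constructed test credential, mirroring the admin/admin check in the thread.
            boolean ok = "admin".equals(name.getName()) && Arrays.equals("admin".toCharArray(), pass.getPassword());
            pass.clearPassword();
            if (!ok) throw new FailedLoginException("bad credentials");
            principal = new UserPrincipal(name.getName()); // published on the Subject in commit()
            return true;
        }
        @Override public boolean commit() { return principal != null && subject.getPrincipals().add(principal); }
        @Override public boolean abort() { principal = null; return true; }
        @Override public boolean logout() { if (principal != null) subject.getPrincipals().remove(principal); return true; }
    }
    public static void main(String[] args) throws LoginException {
        Configuration cfg = new Configuration() { // in-memory form of one required login-module entry
            @Override public AppConfigurationEntry[] getAppConfigurationEntry(String domain) {
                return new AppConfigurationEntry[] { new AppConfigurationEntry(DemoLoginModule.class.getName(),
                        AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, new HashMap<String, Object>()) };
            }
        };
        CallbackHandler cb = cbs -> { // supplies what the web container would take from the login form
            for (Callback c : cbs)
                if (c instanceof NameCallback) ((NameCallback) c).setName("admin");
                else if (c instanceof PasswordCallback) ((PasswordCallback) c).setPassword("admin".toCharArray());
        };
        LoginContext lc = new LoginContext("MySecurityDomain", null, cb, cfg);
        lc.login(); // runs login() then commit() on every configured module
        lc.getSubject().getPrincipals().forEach(p -> System.out.println(p.getName()));
    }
}
```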