1 Reply Latest reply on Jun 1, 2012 4:05 AM by pep grifell

    Authentication exception, principal=null when calling SLSB from another SLSB called from MDB (JBoss 6.1.0)

    pep grifell Newbie

      hi,

       

      I'm migrating our application from JBoss 4.2.3 to JBoss 6.1.0.

       

      All EJB's are EJB2.1. The applications works fine in JBoss 4.2.3.

       

      When an MDB receives and element from the queue, it calls a Remote EJB (EJB 2.1). That EJB calls another remote EJB and it's here where I get this error:

       

      2012-05-21 17:38:02,684 ERROR [org.jboss.ejb.plugins.SecurityInterceptor] (pool-1-thread-15) Error in Security Interceptor: java.lang.SecurityException: Authentication exception, principal=null
                at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityContext(SecurityInterceptor.java:322) [:6.1.0.Final]
                at org.jboss.ejb.plugins.SecurityInterceptor.process(SecurityInterceptor.java:243) [:6.1.0.Final]
                at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:205) [:6.1.0.Final]
                at org.jboss.ejb.plugins.security.PreSecurityInterceptor.process(PreSecurityInterceptor.java:160) [:6.1.0.Final]
                at org.jboss.ejb.plugins.security.PreSecurityInterceptor.invokeHome(PreSecurityInterceptor.java:91) [:6.1.0.Final]
                at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:132) [:6.1.0.Final]
                at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyFactoryFinderInterceptor.java:107) [:6.1.0.Final]
                at org.jboss.ejb.SessionContainer.internalInvokeHome(SessionContainer.java:639) [:6.1.0.Final]
                at org.jboss.ejb.Container.invoke(Container.java:1089) [:6.1.0.Final]
                at org.jboss.ejb.plugins.local.BaseLocalProxyFactory.invokeHome(BaseLocalProxyFactory.java:362) [:6.1.0.Final]
                at org.jboss.ejb.plugins.local.LocalHomeProxy.invoke(LocalHomeProxy.java:133) [:6.1.0.Final]
                at $Proxy416.create(Unknown Source)          at com.nte.anthema.persistence.TPPersistors.getForControl(TPPersistors.java:98) [:]
                at com.nte.anthema.biz.ControlManagerBean.loadDetailed(ControlManagerBean.java:202) [:]
      

       

      THe application uses JAAS.

       

      My auth.conf:

       

      srp-client {
         // Example client auth.conf for using the SRPLoginModule
         org.jboss.security.srp.jaas.SRPLoginModule required
         password-stacking="useFirstPass"
         principalClassName="org.jboss.security.SimplePrincipal"
         srpServerJndiName="SRPServerInterface"
         debug=true
                ;
      
         // jBoss LoginModule
         org.jboss.security.ClientLoginModule  required
         password-stacking="useFirstPass"
         ;
      
      
         // Put your login modules that need jBoss here
      };
      
      
      other {
         // jBoss LoginModule
         org.jboss.security.ClientLoginModule  required
         multi-threaded=false;
            // Put your login modules that need jBoss here
      };
      

       

       

      I attach login-config.xml where we define our custom login module (AnthemaJBossLoginModule that inherits from UsernamePasswordLoginModule).

       

      in jboss.xml I define: <security-domain>java:/jaas/anthema</security-domain>

       

      and in ejb-jar.xml I define a run-as for the MDB:

       




      <security-identity>




      <description/>




      <run-as>





      <description/>





      <role-name>SYSTEM</role-name>




      </run-as>



      </security-identity>

       

      The error is produced when the first Session Bean (called from MDB) tries to do a lookup to the second Session Bean.

      When calling home.create(),  it goes to my custom login module (AnthemaJBossLoginModule) and when the method getUsername() is called, it returns null. In AnthemaJBossLoginModule I load the user from DB, and becasue of the 'null' obtained, I get the error posted at the beggining.

       

      When the MDB calls the first Session Bean, the AnthemaJBossLoginModule is not called.

       

      I'm doing somehting wrong or missing to configure something ?

       

      Thanks !