0 Replies Latest reply on Jun 12, 2012 5:48 AM by woelfle

    Using DatabaseServerLoginModule with a remote client in JBoss AS 7.1.1

    woelfle
    woelfle Jun 12, 2012 5:48 AM

      Hi,

       

      we are currently porting a JEE application from JBoss 6 to JBoss 7.1.1. The application has no web interface but only a remote client based on Eclipse RCP. To authenticate clients the remote client uses a "javax.security.auth.login.LoginContext" to provide the required credentials. The Server is using the "DatabaseServerLoginModule" to authenticate all access to the applications security domain.

       

      To port that application to JBoss 7.1.1 I've done the following:

       

      I've configured a security-domain in the "standalone-full.xml":

       

      <security-domain name="myDomain" cache-type="default">

        <authentication>

          <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">

            <module-option name="dsJndiName" value="jdbc/myDS"/>

            <module-option name="principalsQuery" value="select u.password from users u left join authorizables a on u.id=a.id where a.name=?"/>

            <module-option name="rolesQuery" value="SELECT 'user', 'Roles' FROM authorizables WHERE name=?"/>

          </login-module>

        </authentication>

      </security-domain>

       

      Next I've configured a security-realm:

       

      <security-realm name="MyAppRealm">

        <authentication>

          <jaas name="myDomain"/>

        </authentication>

      </security-realm>

       

      And last I've bound the remoting connector to my custom realm

       

      <connector name="remoting-connector" socket-binding="remoting" security-realm="MyAppRealm"/>

       

      Now when trying to access the server the following exception is thrown:

       

      ERROR connection:99 - JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed

       

      javax.naming.NamingException: Failed to create remoting connection [Root exception is java.lang.RuntimeException: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed]

          at org.jboss.naming.remote.client.ClientUtil.namingException(ClientUtil.java:36)

          at org.jboss.naming.remote.client.InitialContextFactory.getInitialContext(InitialContextFactory.java:121)

          at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)

          at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)

          at javax.naming.InitialContext.init(InitialContext.java:223)

          at javax.naming.InitialContext.<init>(InitialContext.java:197)

          at my.SampleClient.login(SampleClient.java:110)

          ... 26 more

      Caused by: java.lang.RuntimeException: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed

          at org.jboss.naming.remote.protocol.IoFutureHelper.get(IoFutureHelper.java:87)

          at org.jboss.naming.remote.client.NamingStoreCache.getRemoteNamingStore(NamingStoreCache.java:56)

          at org.jboss.naming.remote.client.InitialContextFactory.getOrCreateCachedNamingStore(InitialContextFactory.java:166)

          at org.jboss.naming.remote.client.InitialContextFactory.getOrCreateNamingStore(InitialContextFactory.java:139)

          at org.jboss.naming.remote.client.InitialContextFactory.getInitialContext(InitialContextFactory.java:104)

          ... 31 more

      Caused by: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed

          at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:365)

          at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:214)

          at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

          at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:189)

          at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:103)

          at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

          at org.xnio.nio.NioHandle.run(NioHandle.java:90)

          at org.xnio.nio.WorkerThread.run(WorkerThread.java:184)

          at ...asynchronous invocation...(Unknown Source)

          at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:270)

          at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:251)

          at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:349)

          at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:333)

          at org.jboss.naming.remote.client.EndpointCache$EndpointWrapper.connect(EndpointCache.java:105)

          at org.jboss.naming.remote.client.NamingStoreCache.getRemoteNamingStore(NamingStoreCache.java:55)

          ... 34 more

       

       

      Has anybody an idea what I've done wrong. Can anybody give me a hint on how to setup this scenario. I've been searching in the JBoss documentation but haven't found a solution for this problem.

       

      Regards,

      Thomas