Using DatabaseServerLoginModule with a remote client in JBoss AS 7.1.1
woelfle Jun 12, 2012 5:48 AMHi,
we are currently porting a JEE application from JBoss 6 to JBoss 7.1.1. The application has no web interface but only a remote client based on Eclipse RCP. To authenticate clients the remote client uses a "javax.security.auth.login.LoginContext" to provide the required credentials. The Server is using the "DatabaseServerLoginModule" to authenticate all access to the applications security domain.
To port that application to JBoss 7.1.1 I've done the following:
I've configured a security-domain in the "standalone-full.xml":
<security-domain name="myDomain" cache-type="default">
<authentication>
<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
<module-option name="dsJndiName" value="jdbc/myDS"/>
<module-option name="principalsQuery" value="select u.password from users u left join authorizables a on u.id=a.id where a.name=?"/>
<module-option name="rolesQuery" value="SELECT 'user', 'Roles' FROM authorizables WHERE name=?"/>
</login-module>
</authentication>
</security-domain>
Next I've configured a security-realm:
<security-realm name="MyAppRealm">
<authentication>
<jaas name="myDomain"/>
</authentication>
</security-realm>
And last I've bound the remoting connector to my custom realm
<connector name="remoting-connector" socket-binding="remoting" security-realm="MyAppRealm"/>
Now when trying to access the server the following exception is thrown:
ERROR connection:99 - JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
javax.naming.NamingException: Failed to create remoting connection [Root exception is java.lang.RuntimeException: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed]
at org.jboss.naming.remote.client.ClientUtil.namingException(ClientUtil.java:36)
at org.jboss.naming.remote.client.InitialContextFactory.getInitialContext(InitialContextFactory.java:121)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
at javax.naming.InitialContext.init(InitialContext.java:223)
at javax.naming.InitialContext.<init>(InitialContext.java:197)
at my.SampleClient.login(SampleClient.java:110)
... 26 more
Caused by: java.lang.RuntimeException: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
at org.jboss.naming.remote.protocol.IoFutureHelper.get(IoFutureHelper.java:87)
at org.jboss.naming.remote.client.NamingStoreCache.getRemoteNamingStore(NamingStoreCache.java:56)
at org.jboss.naming.remote.client.InitialContextFactory.getOrCreateCachedNamingStore(InitialContextFactory.java:166)
at org.jboss.naming.remote.client.InitialContextFactory.getOrCreateNamingStore(InitialContextFactory.java:139)
at org.jboss.naming.remote.client.InitialContextFactory.getInitialContext(InitialContextFactory.java:104)
... 31 more
Caused by: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:365)
at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:214)
at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)
at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:189)
at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:103)
at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)
at org.xnio.nio.NioHandle.run(NioHandle.java:90)
at org.xnio.nio.WorkerThread.run(WorkerThread.java:184)
at ...asynchronous invocation...(Unknown Source)
at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:270)
at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:251)
at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:349)
at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:333)
at org.jboss.naming.remote.client.EndpointCache$EndpointWrapper.connect(EndpointCache.java:105)
at org.jboss.naming.remote.client.NamingStoreCache.getRemoteNamingStore(NamingStoreCache.java:55)
... 34 more
Has anybody an idea what I've done wrong. Can anybody give me a hint on how to setup this scenario. I've been searching in the JBoss documentation but haven't found a solution for this problem.
Regards,
Thomas