3 Replies Latest reply on Dec 30, 2008 9:23 AM by juergen.zimmermann

    security-jboss-beans.xml and DatabaseServerLoginModule

    juergen.zimmermann
    juergen.zimmermann Dec 29, 2008 2:13 PM

      I want to migrate my SAR archive with login-config.xml to security-jboss-beans.xml. However, I get this stacktrace. My META-INF/security-jboss-beans.xml is encapsulated in a JAR which is located in the EAR's lib directory.

      The stacktrace:

      20:09:50,991 ERROR [UsersRolesLoginModule] Failed to load users/passwords/role files
java.io.IOException: No properties file: users.properties or defaults: defaultUsers.properties found
 at org.jboss.security.auth.spi.Util.loadProperties(Util.java:198)
 at org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:186)
 at org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:200)
 at org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:127)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 at java.lang.reflect.Method.invoke(Method.java:597)
 at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756)
 at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
 at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
 at java.security.AccessController.doPrivileged(Native Method)
 at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
 at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
 at org.jboss.security.plugins.auth.JaasSecurityManagerBase.defaultLogin(JaasSecurityManagerBase.java:552)
 at org.jboss.security.plugins.auth.JaasSecurityManagerBase.authenticate(JaasSecurityManagerBase.java:486)
 at org.jboss.security.plugins.auth.JaasSecurityManagerBase.isValid(JaasSecurityManagerBase.java:365)
 at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:160)
 at org.jboss.web.tomcat.security.JBossWebRealm.authenticate(JBossWebRealm.java:384)
 at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:258)
 at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:417)
 at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
 at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
 at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
 at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
 at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
 at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
 at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
 at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
 at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:905)
 at org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:595)
 at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:2036)
 at java.lang.Thread.run(Thread.java:619)


      This is my security-jboss-beans.xml: 
      <?xml version="1.0"?>
<deployment xmlns="urn:jboss:bean-deployer:2.0">
 <bean name="DynamicLoginConfig" class="org.jboss.security.auth.login.DynamicLoginConfig"/>

 <application-policy xmlns="urn:jboss:security-beans:1.0" name="hska">
 <authentication>
 <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
 <module-option name="dsJndiName">java:/hskaDS</module-option>
 <module-option name="unauthenticatedIdentity">gast</module-option>
 <module-option name="principalsQuery">
 SELECT ...
 FROM ...
 WHERE ...
 </module-option>
 <module-option name="rolesQuery">
 SELECT ...
 FROM ...
 WHERE ...
 </module-option>
 <module-option name="hashAlgorithm">SHA-1</module-option>
 <module-option name="hashEncoding">base64</module-option>
 </login-module>
 </authentication>
 <authorization>
 <policy-module
 code="org.jboss.security.authorization.modules.JACCAuthorizationModule"
 flag="required" />
 </authorization>
 </application-policy>
</deployment>


      • 732 Views
      • Tags:
        • 1. Re: security-jboss-beans.xml and DatabaseServerLoginModule
          alesj
          alesj Dec 29, 2008 3:44 PM (in response to juergen.zimmermann)

           

          "Juergen.Zimmermann" wrote:
          My META-INF/security-jboss-beans.xml is encapsulated in a JAR which is located in the EAR's lib directory.

          ear's lib is not part of sub-deployment,
          it's only part of ear's classpath.
          Hence your security-jboss-beans.xml is not deployed.

            • Actions
          • 2. Re: security-jboss-beans.xml and DatabaseServerLoginModule
            juergen.zimmermann
            juergen.zimmermann Dec 29, 2008 7:08 PM (in response to juergen.zimmermann)

            OK, now I placed security-jboss-beans.xml directly in server\default\deploy and get this stacktrace:

            2008-12-30 01:01:43,425 ERROR [org.jboss.kernel.plugins.dependency.AbstractKernelController] (main) Error installing to Start: name=DynamicLoginConfig state=Create
org.jboss.mx.util.MBeanProxyCreationException: null agent reference
 at org.jboss.mx.util.JMXInvocationHandler.<init>(JMXInvocationHandler.java:120)
 at org.jboss.mx.util.MBeanProxy.get(MBeanProxy.java:90)
 at org.jboss.mx.util.MBeanProxy.get(MBeanProxy.java:78)
 at org.jboss.security.auth.login.DynamicLoginConfig.validateAuthConfigURL(DynamicLoginConfig.java:269)
 at org.jboss.security.auth.login.DynamicLoginConfig.startService(DynamicLoginConfig.java:221)
 at org.jboss.system.ServiceMBeanSupport.jbossInternalStart(ServiceMBeanSupport.java:376)
 at org.jboss.system.ServiceMBeanSupport.pojoStart(ServiceMBeanSupport.java:216)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 at java.lang.reflect.Method.invoke(Method.java:597)
 at org.jboss.reflect.plugins.introspection.ReflectionUtils.invoke(ReflectionUtils.java:59)
 at org.jboss.reflect.plugins.introspection.ReflectMethodInfoImpl.invoke(ReflectMethodInfoImpl.java:150)
 at org.jboss.joinpoint.plugins.BasicMethodJoinPoint.dispatch(BasicMethodJoinPoint.java:66)
 at org.jboss.kernel.plugins.dependency.KernelControllerContextAction$JoinpointDispatchWrapper.execute(KernelControllerContextAction.java:241)
 at org.jboss.kernel.plugins.dependency.ExecutionWrapper.execute(ExecutionWrapper.java:47)
 at org.jboss.kernel.plugins.dependency.KernelControllerContextAction.dispatchExecutionWrapper(KernelControllerContextAction.java:109)
 at org.jboss.kernel.plugins.dependency.KernelControllerContextAction.dispatchJoinPoint(KernelControllerContextAction.java:70)
 at org.jboss.kernel.plugins.dependency.LifecycleAction.installActionInternal(LifecycleAction.java:221)
 at org.jboss.kernel.plugins.dependency.InstallsAwareAction.installAction(InstallsAwareAction.java:54)
 at org.jboss.kernel.plugins.dependency.InstallsAwareAction.installAction(InstallsAwareAction.java:42)
 at org.jboss.dependency.plugins.action.SimpleControllerContextAction.simpleInstallAction(SimpleControllerContextAction.java:62)
 at org.jboss.dependency.plugins.action.AccessControllerContextAction.install(AccessControllerContextAction.java:71)
 at org.jboss.dependency.plugins.AbstractControllerContextActions.install(AbstractControllerContextActions.java:51)
 at org.jboss.dependency.plugins.AbstractControllerContext.install(AbstractControllerContext.java:348)
 at org.jboss.dependency.plugins.AbstractController.install(AbstractController.java:1598)
 at org.jboss.dependency.plugins.AbstractController.incrementState(AbstractController.java:934)
 at org.jboss.dependency.plugins.AbstractController.resolveContexts(AbstractController.java:1062)
 at org.jboss.dependency.plugins.AbstractController.resolveContexts(AbstractController.java:984)
 at org.jboss.dependency.plugins.AbstractController.install(AbstractController.java:774)
 at org.jboss.dependency.plugins.AbstractController.install(AbstractController.java:540)
 at org.jboss.deployers.vfs.deployer.kernel.BeanMetaDataDeployer.deploy(BeanMetaDataDeployer.java:121)
 at org.jboss.deployers.vfs.deployer.kernel.BeanMetaDataDeployer.deploy(BeanMetaDataDeployer.java:51)
 at org.jboss.deployers.spi.deployer.helpers.AbstractSimpleRealDeployer.internalDeploy(AbstractSimpleRealDeployer.java:62)
 at org.jboss.deployers.spi.deployer.helpers.AbstractRealDeployer.deploy(AbstractRealDeployer.java:50)
 at org.jboss.deployers.plugins.deployers.DeployerWrapper.deploy(DeployerWrapper.java:171)
 at org.jboss.deployers.plugins.deployers.DeployersImpl.doDeploy(DeployersImpl.java:1439)
 at org.jboss.deployers.plugins.deployers.DeployersImpl.doInstallParentFirst(DeployersImpl.java:1157)
 at org.jboss.deployers.plugins.deployers.DeployersImpl.doInstallParentFirst(DeployersImpl.java:1178)
 at org.jboss.deployers.plugins.deployers.DeployersImpl.install(DeployersImpl.java:1098)
 at org.jboss.dependency.plugins.AbstractControllerContext.install(AbstractControllerContext.java:348)
 at org.jboss.dependency.plugins.AbstractController.install(AbstractController.java:1598)
 at org.jboss.dependency.plugins.AbstractController.incrementState(AbstractController.java:934)
 at org.jboss.dependency.plugins.AbstractController.resolveContexts(AbstractController.java:1062)
 at org.jboss.dependency.plugins.AbstractController.resolveContexts(AbstractController.java:984)
 at org.jboss.dependency.plugins.AbstractController.change(AbstractController.java:822)
 at org.jboss.dependency.plugins.AbstractController.change(AbstractController.java:553)
 at org.jboss.deployers.plugins.deployers.DeployersImpl.process(DeployersImpl.java:781)
 at org.jboss.deployers.plugins.main.MainDeployerImpl.process(MainDeployerImpl.java:545)
 at org.jboss.system.server.profileservice.ProfileServiceBootstrap.loadProfile(ProfileServiceBootstrap.java:304)
 at org.jboss.system.server.profileservice.ProfileServiceBootstrap.start(ProfileServiceBootstrap.java:205)
 at org.jboss.bootstrap.AbstractServerImpl.start(AbstractServerImpl.java:405)
 at org.jboss.Main.boot(Main.java:209)
 at org.jboss.Main$1.run(Main.java:547)
 at java.lang.Thread.run(Thread.java:619)


              • Actions
            • 3. Re: security-jboss-beans.xml and DatabaseServerLoginModule
              juergen.zimmermann
              juergen.zimmermann Dec 30, 2008 9:23 AM (in response to juergen.zimmermann)

              RESOLVED:

              1) security-jboss-beans.xml is placed in the top-level directory of the EAR project.
              2) In jboss-app.xml the file security-jboss-beans.xml is declared as a service module
              3) In security-jboss-beans.xml neither the bean tag nor the authorization tag is required.

                • Actions