4 Replies Latest reply on May 21, 2013 10:01 AM by dalbani

    Unable to login to JCR repository with credentials

    dalbani Newbie

      Hello,

       

      I've installed ModeShape 3.2.0.Final on Jboss EAP 6.1.

      Access through REST and WebDav works fine.

      However, I couldn't make my JCA-based application login to a JCR repository with credentials.

      Here's some sample code:

       

          @Resource(mappedName = "java:/jcr/myrepository")
          private javax.jcr.Repository repository;
      
          ...
          Credentials credentials = new SimpleCredentials("admin", "admin".toCharArray());
          Session session = repository.login(credentials);
      

       

      That generates an error:

       

      15:26:59,763 ERROR [org.jboss.security] (http-/0.0.0.0:8080-1) PBOX000261: Failed to load users/passwords/roles files: java.io.IOException: PBOX000072: Properties file modeshape-users.properties/defaultUsers.properties not found
              at org.jboss.security.auth.spi.Util.loadProperties(Util.java:212) [picketbox-4.0.16.Final-redhat-1.jar:4.0.16.Final-redhat-1]
              at org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:205) [picketbox-4.0.16.Final-redhat-1.jar:4.0.16.Final-redhat-1]
              at org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:219) [picketbox-4.0.16.Final-redhat-1.jar:4.0.16.Final-redhat-1]
              at org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:146) [picketbox-4.0.16.Final-redhat-1.jar:4.0.16.Final-redhat-1]
              at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_21]
              at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_21]
              at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_21]
              at java.lang.reflect.Method.invoke(Method.java:601) [rt.jar:1.7.0_21]
              at javax.security.auth.login.LoginContext.invoke(LoginContext.java:771) [rt.jar:1.7.0_21]
              at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203) [rt.jar:1.7.0_21]
              at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698) [rt.jar:1.7.0_21]
              at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696) [rt.jar:1.7.0_21]
              at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_21]
              at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695) [rt.jar:1.7.0_21]
              at javax.security.auth.login.LoginContext.login(LoginContext.java:594) [rt.jar:1.7.0_21]
              at org.modeshape.jcr.security.JaasSecurityContext.<init>(JaasSecurityContext.java:115)
              at org.modeshape.jcr.security.JaasSecurityContext.<init>(JaasSecurityContext.java:82)
              at org.modeshape.jcr.security.JaasProvider.authenticate(JaasProvider.java:126)
              at org.modeshape.jcr.security.AuthenticationProviders.authenticate(AuthenticationProviders.java:72)
              at org.modeshape.jcr.JcrRepository.login(JcrRepository.java:624)
              at org.modeshape.jcr.JcrRepository.login(JcrRepository.java:152) 
      

       

      The file "modeshape-users.properties" does exist (mentioning admin & guest users). However, there's no file named "defaultUsers.properties" in my EAP install.

       

      What am I doing wrong ?

      How come the REST and WebDav apps manage to login to repositories with credentials? I couldn't find what makes the difference in their source code...

       

      Thanks a lot.

        • 1. Re: Unable to login to JCR repository with credentials
          Horia Chiorean Master

          Hi,

           

          Can you please post the XML section which correspons to your repository configuration ? This may very well be a bug.

          When you mention that REST & WebDAV work, what operations did you try via those services ?

          • 2. Re: Unable to login to JCR repository with credentials
            Horia Chiorean Master

            I just tried locally (via an Arquillian test) the same steps that you described above, using the sample repository from the kit and it worked fine.

             

            The problem that you're seeing might be related to https://issues.jboss.org/browse/MODE-1917, which is currently fixed in the master branch. If possible, try to build & test locally with a 3.3-SNAPSHOT, as the problem may be already fixed.

            • 3. Re: Unable to login to JCR repository with credentials
              dalbani Newbie

              Hi Horia,

               

              I've applied the small patch from the pull request referenced in MODE-1917 (https://github.com/ModeShape/modeshape/pull/803).

              Consequently I get this error:

               

              15:22:14,077 ERROR [org.modeshape.jcr.security.AuthenticationProviders] (http-/0.0.0.0:8080-1) Exception in the "org.modeshape.jcr.security.JaasProvider" authentication provider for repository "marchespublics": Configuration error: java.lang.ClassNotFoundException: com.sun.security.auth.login.ConfigFile from [Module "org.jboss.as.controller:main" from local module loader @11a51ce0 (finder: local module finder @6f0abf2c (roots: /srv/jboss/app/jboss-eap-6.1/modules,/srv/jboss/app/jboss-eap-6.1/modules/system/layers/base))]
              : java.lang.SecurityException: Configuration error: java.lang.ClassNotFoundException: com.sun.security.auth.login.ConfigFile from [Module "org.jboss.as.controller:main" from local module loader @11a51ce0 (finder: local module finder @6f0abf2c (roots: /srv/jboss/app/jboss-eap-6.1/modules,/srv/jboss/app/jboss-eap-6.1/modules/system/layers/base))]
              
                      at javax.security.auth.login.Configuration.getConfiguration(Configuration.java:279) [rt.jar:1.7.0_21]
                      at javax.security.auth.login.LoginContext$1.run(LoginContext.java:254) [rt.jar:1.7.0_21]
                      at javax.security.auth.login.LoginContext$1.run(LoginContext.java:252) [rt.jar:1.7.0_21]
                      at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_21]
                      at javax.security.auth.login.LoginContext.init(LoginContext.java:251) [rt.jar:1.7.0_21]
                      at javax.security.auth.login.LoginContext.<init>(LoginContext.java:418) [rt.jar:1.7.0_21]
                      at org.modeshape.jcr.security.JaasSecurityContext.<init>(JaasSecurityContext.java:82)
                      at org.modeshape.jcr.security.JaasProvider.authenticate(JaasProvider.java:126)
                      at org.modeshape.jcr.security.AuthenticationProviders.authenticate(AuthenticationProviders.java:72)
                      at org.modeshape.jcr.JcrRepository.login(JcrRepository.java:624)
                      at org.modeshape.jcr.JcrRepository.login(JcrRepository.java:152)
              

               

              Has 3.3-SNAPSHOT introduced additional modifications in regard to this issue?

               

              As a reference, I've also included my "standalone-modeshape.xml" configuration file.

               

              Thanks for your help.

              • 4. Re: Unable to login to JCR repository with credentials
                dalbani Newbie

                Horia Chiorean wrote:

                 

                When you mention that REST & WebDAV work, what operations did you try via those services ?

                 

                By the way, when I said that REST and WebDAV work, I mean that they accept admin/admin credentials to login.