1 Reply Latest reply on Jan 2, 2015 8:53 AM by Stephan Prantl

    [Jboss AS 7.1.1 Final] Custom Login Module with custom error message always returns "Login Failure: all modules ignored".

    Olivier Masseau Newbie



      I have created a custom login module.

      It works great except that I want to return a custom error message when login fails.


      public boolean login() throws LoginException {
                     throw new LoginException("MY_CUSTOM_ERROR_MESSAGE");


      I need to display this custom error message in a jsf page.

      So in my jsf bean i have this to get the message:


      public String getLoginFailureMessage(){
              Exception e =  (Exception) SecurityContextAssociation.getContextInfo("org.jboss.security.exception");
              if (e != null)
                  return e.getMessage();
                  return null;


      The problem is that the exception message returned is always:


      Login Failure: all modules ignored

      If I look in my logs I always get two exceptions: one LoginException with my custom message followed by one LoginException with Login Failure: all modules ignored :

      10:43:15,862 ERROR [stderr] (http- javax.security.auth.login.LoginException: MY_CUSTOM_ERROR_MESSAGE
      10:43:15,864 ERROR [stderr] (http-     at com.real.aof.security.login.LimitedAttemptsLoginModule.login(LimitedAttemptsLoginModule.java:57)
      10:43:15,865 ERROR [stderr] (http-     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      10:43:15,866 ERROR [stderr] (http-     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
      10:43:15,867 ERROR [stderr] (http-     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      10:43:15,868 ERROR [stderr] (http-     at java.lang.reflect.Method.invoke(Method.java:606)
      10:43:15,868 ERROR [stderr] (http-     at javax.security.auth.login.LoginContext.invoke(LoginContext.java:784)
      10:43:15,891 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http- Login failure: javax.security.auth.login.LoginException: Login Failure: all modules ignored
          at javax.security.auth.login.LoginContext.invoke(LoginContext.java:935) [rt.jar:1.7.0_25]


      How can I get my custom message instead when calling SecurityContextAssociation.getContextInfo("org.jboss.security.exception") ? Is it possible ?

      Is there any other way to do it ?


      Thanks a lot for any help