2 Replies Latest reply on Jul 6, 2015 6:07 AM by ameo

    Jaas Login Module not working properly with AS 7.5.0.Final-redhat-21

    ameo

      Hello,

      My application uses a custom JAAS login module, DataBaseLoginModule.

       

      After upgrading from JBoss EAP 6.3.0.GA (AS 7.4.0.Final-redhat-19) to JBoss EAP 6.4.0.GA (AS 7.5.0.Final-redhat-21) the LoginModule does not work properly.

       

      The first time I log in to the application everything is fine. But after logging out and logging in again the login fails.

       

      It seems that the callback classes are skipped or are not invoked.

       

      JSF-Backing Bean

      public class LoginBean {
          public void login() {
              // ...
              request.login(userid, password);
              // ...
          }
      }

      Does anyone have experience in this field?

       

      Greetings,

      ameo

       

        • 1. Re: Jaas Login Module not working properly with AS 7.5.0.Final-redhat-21
          lylewang

          How do you add the login module? JBoss configuration files? Logs showing the error? Your code snippet?

           

          Here is the doc for doing this on 6.4:

          Red Hat JBoss Enterprise Application Platform 6.4 How to Configure Identity Management in JBoss Enterprise Application P…

          • 2. Re: Jaas Login Module not working properly with AS 7.5.0.Final-redhat-21
            ameo

            Hello,

            The module is defined in the JBoss configuration file (standalone-full.xml).

            Now, after removing the tag cache-type="default" the login-module works fine.

             

            1) Login 2) logout and 3) Login again is working.

            During debugging I noticed at 3) Login that it seems that the infinispan-cache was still alive and filled. So I removed the cache-type:

             

            <subsystem xmlns="urn:jboss:domain:security:1.2">
                <security-domains>
                    <!-- ... -->
                    <security-domain name="form-auth" cache-type="default">
                        <authentication>
                            <login-module code="de.my.login.module.MyLoginModule" flag="required"/>
                        </authentication>
                    </security-domain>
                    <!-- removing the cache-type: OK -->
                    <security-domain name="mydom" cache-type="default">
                        <authentication>
                            <login-module code="de.my.login.module.MyLoginModule" flag="required">
                                <module-option name="ignorePasswordCase" value="false"/>
                            </login-module>
                        </authentication>
                    </security-domain>
                </security-domains>
            </subsystem>

             

            Greetings!
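
A simplified model of the behaviour described in this thread, as an added example that is not part of the original posts and is not JBoss code: a credential cache in front of a JAAS stack means the login module and its callbacks only run on a cache miss. The class names, the user "alice", the password and the HashMap cache are constructed, and how EAP's real cache decides a hit is an assumption; the model shows the skipped callbacks, not the login failure itself.

```java
import java.util.*;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.LoginModule;
public class CachedLoginDemo {
    static int moduleCalls = 0;                                // how often the login module really ran
    static final Map<String, String> cache = new HashMap<>();  // constructed stand-in for the domain cache
    // Minimal login module: asks the handler for name/password, checks a constructed user store.
    public static class DemoLoginModule implements LoginModule {
        private CallbackHandler handler;
        public void initialize(Subject s, CallbackHandler h, Map<String, ?> shared, Map<String, ?> opts) { handler = h; }
        public boolean login() throws LoginException {
            moduleCalls++;
            NameCallback n = new NameCallback("user");
            PasswordCallback p = new PasswordCallback("password", false);
            try { handler.handle(new Callback[] { n, p }); }
            catch (Exception e) { throw new LoginException(e.toString()); }
            if ("alice".equals(n.getName()) && "s3cret".equals(new String(p.getPassword()))) return true;
            throw new FailedLoginException("bad credentials");
        }
        public boolean commit() { return true; }
        public boolean abort() { return true; }
        public boolean logout() { return true; }
    }
    // Authenticate through the cache; the JAAS stack is only consulted on a miss.
    static void authenticate(String user, String pw) throws LoginException {
        if (pw.equals(cache.get(user))) return;                // cache hit: module and callbacks are skipped
        Configuration cfg = new Configuration() {
            public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
                return new AppConfigurationEntry[] { new AppConfigurationEntry(DemoLoginModule.class.getName(),
                    AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, new HashMap<String, Object>()) };
            }
        };
        CallbackHandler h = cbs -> {
            for (Callback c : cbs) {
                if (c instanceof NameCallback) ((NameCallback) c).setName(user);
                if (c instanceof PasswordCallback) ((PasswordCallback) c).setPassword(pw.toCharArray());
            }
        };
        new LoginContext("mydom", null, h, cfg).login();       // throws LoginException on failure
        cache.put(user, pw);                                   // model only: a real cache should not hold plaintext
    }
    public static void main(String[] args) throws Exception {
        authenticate("alice", "s3cret"); authenticate("alice", "s3cret");  // 1) login, 3) login again
        System.out.println("module calls with filled cache: " + moduleCalls);
        cache.clear(); authenticate("alice", "s3cret");        // empty cache: the module has to run again
        System.out.println("module calls after flush: " + moduleCalls);
    }
}
```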