loginmodule cannot see deployed resource adapter
armahdi Oct 30, 2015 3:27 AMThis is a similar problem to JCA and Class Loading on WildFly 8.2.0/9.0.0CR2 which I also stated at java - Wildfly Class Loading issue with jca resourceadapter - Stack Overflow
But this time i am using a loginmodule jar that was custom created. Its a small module with a class that uses MyConnectorSpec class which comes form the MyConnector.jar that is embedded inside the mycommunicatorappConnector.rar resourceadapter which i deploy by placing it in the deployments folder.
My login module is a jar that I have placed as a module under WFHOME/modules/com/mycomp/security/auth/spi/main/ With a module.xml
version1:
<module xmlns="urn:jboss:module:1.1" name="com.mycomp.security.auth.spi"> <resources> <resource-root path="LoginModules-1.18.jar"/> </resources> <dependencies> <module name="mycommunicatorappConnector-1.2.0.rar"/> <!--adding deployment. infront never works for me as suggested in some sites--> <module name="org.picketbox"/> <module name="javax.api"/> <module name="javax.jms.api"/> <module name="javax.transaction.api"/> <module name="javax.resource.api"/> <module name="com.progress.open4gl"/> <module name="org.apache.log4j"/> <module name="org.picketlink" /> <module name="org.picketlink.core"/> <!-- <module name="com.mycommunicatorapp.progressra"/> <module name="org.picketlink.core" meta-inf="import" annotations="true"/> <module name="org.picketlink.core.api" meta-inf="import" annotations="true"/> <module name="org.picketlink.idm" meta-inf="import" annotations="true"/> <module name="org.picketlink.idm.api" meta-inf="import" annotations="true"/>--> </dependencies> </module>
Then I deployed a webservice that uses a security domain, this is where the login module is referenced:
<security-domain name="remoteappws" cache-type="default"> <authentication> <login-module code="com.mycomp.security.auth.spi.StarbaseLoginModule" flag="required" module="com.mycomp.security.auth.spi"> <module-option name="dsJndiName" value="java:/eis/remoteApp"/> </login-module> </authentication> </security-domain>
upon retreiving my wsdl
by localhost:8080/remoteApp/remote.wsdl
the login module is triggered, and asks for username password. the user name and password is read and then the loginmodule tries to connect to the mycommunictaorApp using a class mycommunicatorappConnector-1.2.0.jar in the mycommunicatorappConnector-1.2.0.rar.
If i use the version1 i get
Caused by: org.jboss.modules.ModuleNotFoundException: deployment.mycommunicatorappConnector-1.2.0.rar:main
17:09:12,287 ERROR [io.undertow.request] (default task-2) UT005023: Exception handling request to /shares/shares.wsdl: java.lang.RuntimeException: java.lang.RuntimeException: WFLYSEC0007: Runtime Exce
ption:
at org.wildfly.extension.undertow.security.JAASIdentityManagerImpl.verifyCredential(JAASIdentityManagerImpl.java:140)
at org.wildfly.extension.undertow.security.JAASIdentityManagerImpl.verify(JAASIdentityManagerImpl.java:94)
at io.undertow.security.impl.BasicAuthenticationMechanism.authenticate(BasicAuthenticationMechanism.java:118)
at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:233)
at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:250)
at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(SecurityContextImpl.java:219)
at io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(SecurityContextImpl.java:121)
at io.undertow.security.impl.SecurityContextImpl.authTransition(SecurityContextImpl.java:96)
at io.undertow.security.impl.SecurityContextImpl.authenticate(SecurityContextImpl.java:89)
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:55)
at io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCacheHandler.java:33)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:51)
at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:56)
at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:72)
at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284)
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263)
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:198)
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:788)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.RuntimeException: WFLYSEC0007: Runtime Exception:
at org.jboss.as.security.plugins.ModuleClassLoaderLocator.get(ModuleClassLoaderLocator.java:62)
at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:317)
at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:146)
at org.wildfly.extension.undertow.security.JAASIdentityManagerImpl.verifyCredential(JAASIdentityManagerImpl.java:123)
... 32 more
Caused by: org.jboss.modules.ModuleNotFoundException: deployment.mycommunicatorappConnector-1.2.0.rar:main
at org.jboss.modules.Module.addPaths(Module.java:1042)
at org.jboss.modules.Module.link(Module.java:1398)
at org.jboss.modules.Module.relinkIfNecessary(Module.java:1426)
at org.jboss.modules.ModuleLoader.loadModule(ModuleLoader.java:238)
at org.jboss.as.security.plugins.SecurityActions.getModuleClassLoader(SecurityActions.java:48)
at org.jboss.as.security.plugins.ModuleClassLoaderLocator.get(ModuleClassLoaderLocator.java:53)
... 35 more
if i use the version2:
Another module.xml version2 that I used
<module xmlns="urn:jboss:module:1.1" name="com.mycomp.security.auth.spi"> <resources> <resource-root path="LoginModules-1.18.jar"/> </resources> <dependencies> <module name="com.mycommunicatorapp.progressra"/> <!-- this is a jar that is also present inside the <module name="org.picketbox"/> <module name="javax.api"/> <module name="javax.jms.api"/> <module name="javax.transaction.api"/> <module name="javax.resource.api"/> <module name="com.mycommunicatorapp.open4gl"/> <module name="org.apache.log4j"/> <module name="org.picketlink" /> <module name="org.picketlink.core"/> <!--<module name="org.picketlink.core" meta-inf="import" annotations="true"/> <module name="org.picketlink.core.api" meta-inf="import" annotations="true"/> <module name="org.picketlink.idm" meta-inf="import" annotations="true"/> <module name="org.picketlink.idm.api" meta-inf="import" annotations="true"/>--> </dependencies> </module
i get
javax.security.auth.login.LoginException: com.mycomp.mycommunicatorapp.MyCommunicatorAppConnectionSpec cannot be cast to com.mycomp.mycommunicatorapp.MyCommunicatorAppConnectionSpec
at com.mycomp.security.auth.spi.StarbaseLoginModule.login(StarbaseLoginModule.java:161)
at com.mycomp.security.auth.spi.StarbaseLoginModule.login(StarbaseLoginModule.java:102)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
If i run everything with -verbose:class -verbose:gc with version2 of the module.xml to explain everything it shows me this
[Loaded javax.naming.LinkRef from C:\Program Files\Java\jdk1.8.0_66\jre\lib\rt.jar]
16:59:00,897 INFO [com.mycomp.security.auth.spi.StarbaseLoginModule] (default task-2) factory created
16:59:00,898 INFO [com.mycomp.security.auth.spi.StarbaseLoginModule] (default task-2) MyCommunicatorAppConnectionSpec creating
[Loaded com.mycomp.mycommunicatorapp.MyCommunicatorAppConnectionSpec from jar:file:/C:/JAVA/WF9/wildfly-10.0.0.CR4/wildfly-10.0.0.CR4/modules/com/mycommunicatorapp/progressra/main/mycommunicatorappConnector-1.2.0.jar!/]
16:59:00,902 INFO [com.mycomp.security.auth.spi.StarbaseLoginModule] (default task-2) MyCommunicatorAppConnectionSpec created // this is using the JAR that I supplied externally
[Loaded com.mycomp.mycommunicatorapp.MyCommunicatorAppConnectionSpec from vfs:/C:/JAVA/WF9/wildfly-10.0.0.CR4/wildfly-10.0.0.CR4/bin/content/mycommunicatorappConnector-1.2.0.rar/mycommunicatorappConnector-1.2.0.jar]
16:59:00,903 INFO [com.mycomp.security.auth.spi.StarbaseLoginModule] (default task-2) login : Username Password excom.mycomp.mycommunicatorapp.MyCommunicatorAppConnectionSpec cannot be cast to com.mycomp.mycommunicatorapp.MyCommunicatorAppConnectionSpec
[Loaded java.lang.Throwable$PrintStreamOrWriter from C:\Program Files\Java\jdk1.8.0_66\jre\lib\rt.jar]
[Loaded java.lang.Throwable$WrappedPrintStream from C:\Program Files\Java\jdk1.8.0_66\jre\lib\rt.jar]
16:59:00,907 ERROR [stderr] (default task-2) java.lang.ClassCastException: com.mycomp.mycommunicatorapp.MyCommunicatorAppConnectionSpec cannot be cast to com.mycomp.mycommunicatorapp.MyCommunicatorAppConnectionSpec
What I understand is:
the login module was compiled with a jar inside the resourceadapter, If i can make the first version1 of module.xml work i think it should work but that doesnt. and in order to solve (workaround ) that issue i reference a jar externally which makes it load it twice once from inside the rar and once from the jar established in the modules directory in WF.
Also, i have tried this in WF9 and WF10.0.0CR4
With the link above with same issue but in an ear, this issue is from a jars perspective. Somehow I have some War projects that work fine. and they use the same strategy as in module.xml version1 and it doesnot complain.
I will really appreciate some insight.What am i missing or doing wrongly.
Thanks
Syed
P.S : how do i know if this is a classloading issue. Is there a way to know which classloader loaded which class it just said Loaded but doesn't specify which classloader?