0 Replies Latest reply on Aug 19, 2016 1:58 PM by Rodrigo Burdet

    Login module UnauthorizedException

    Rodrigo Burdet Newbie


      I'm trying to implement my own security manager for BPM 6.4, which is also running on EAP 6.4, in which every user with the roles defined in a variable in configuration/standalone.xml (i.e. serverRole) should be granted access.


      For that purpose I'm using the following code and then trying to access some of the resources:






      What I get is the following error:

      ERROR [org.jboss.resteasy.resteasy_jaxrs.i18n] (http-localhost.localdomain/ RESTEASY000100: Failed executing GET organizationalunits/: org.jboss.resteasy.spi.UnauthorizedException

      Thanks in advance

      package com.mycompany.module.loginmodule;
      import java.io.IOException;
      import java.security.Principal;
      import java.security.acl.Group;
      import java.util.Arrays;
      import java.util.List;
      import java.util.Map;
      import java.util.HashMap;
      import javax.security.auth.Subject;
      import javax.security.auth.callback.Callback;
      import javax.security.auth.callback.CallbackHandler;
      import javax.security.auth.callback.NameCallback;
      import javax.security.auth.callback.PasswordCallback;
      import javax.security.auth.callback.UnsupportedCallbackException;
      import javax.security.auth.login.FailedLoginException;
      import javax.security.auth.login.LoginException;
      import org.jboss.security.SimpleGroup;
      import org.jboss.security.SimplePrincipal;
      import org.jboss.security.Util;
      import org.jboss.security.auth.spi.AbstractServerLoginModule;
      import org.jboss.crypto.digest.DigestCallback;
      public class SimpleCustomLoginModule extends AbstractServerLoginModule
        // Principal built from the user name in login() and returned by getIdentity().
        private Principal identity;
        // Stored into sharedState as the login password by login(); no line in this
        // listing assigns it, so as shown it is still null at that point.
        private char[] credential;
        // Name of the module option read in initialize().
        private static final String SERVER_ROLE = "serverRole";
        // Role names parsed from the serverRole option; no method shown here reads them.
        private List<String> serverRoles;
        // Not referenced anywhere else in this listing.
        // NOTE(review): presumably meant to be registered via addValidOptions() in initialize() - confirm.
        private static final String[] ALL_VALID_OPTIONS = { SERVER_ROLE };
        /**
         * Reads the {@code serverRole} module option, splits it into {@code serverRoles},
         * and then delegates to the superclass initializer.
         *
         * NOTE(review): the posted listing appears to have lost lines (this method has no
         * closing brace), so it does not compile as shown.
         *
         * @param subject         passed through to the superclass
         * @param callbackHandler passed through to the superclass
         * @param sharedState     passed through to the superclass
         * @param options         module options; must contain {@code serverRole}
         */
        public void initialize(Subject subject, CallbackHandler callbackHandler,
          Map sharedState, Map options){
          // If the serverRole option is not configured this is null and the split below
          // throws NullPointerException.
          String strRoles = (String) options.get(SERVER_ROLE);
          // "\\s" matches a single whitespace character, so consecutive separators
          // produce empty role names in the list.
          serverRoles = Arrays.asList(strRoles.split("\\s"));
          super.initialize(subject, callbackHandler, sharedState, options);
        // No password validation is performed.
        /**
         * Builds the caller identity from the supplied user name and marks the login as
         * successful.
         *
         * Security: nothing in the visible code compares a password or any other
         * credential, so every user name the callback handler supplies is accepted.
         * A security domain that relies on this module alone authenticates nobody; it only
         * names the caller.
         *
         * NOTE(review): lines seem to be missing from the posted listing (the try that
         * belongs to the catch below and several closing braces), so the exact control
         * flow cannot be confirmed. As shown, the only visible return statement sits
         * after the getUseFirstPass() check.
         *
         * @return {@code true} on the path visible here
         * @throws LoginException if the identity cannot be created
         */
        public boolean login() throws LoginException{
          System.out.println("GET LOGIN");
          String username = getUsername();
              // username can be null here: getUsername() swallows callback failures.
              identity = createIdentity(username);
              System.out.println("IDENTITY NAME :" + identity.getName());
          catch(Exception e){
              // Only the message is kept; the original exception is not attached as the cause.
              throw new LoginException("Failed to create principal: "+ e.getMessage());
          if( getUseFirstPass() == true ){
              // Publishes the name for modules stacked after this one.
              // NOTE(review): presumably later useFirstPass modules trust these entries
              // without re-checking a password - confirm against the security domain config.
              sharedState.put("javax.security.auth.login.name", username);
              // credential is never assigned in this listing, so null is stored here.
              sharedState.put("javax.security.auth.login.password", credential);
              super.loginOk = true;
              return true;
        /**
         * Returns the principal that login() created from the user name.
         *
         * @return the stored identity, or {@code null} if login() has not assigned it
         */
        protected Principal getIdentity(){
              return identity;
        /**
         * Obtains the user name for this login attempt through a {@link NameCallback}.
         *
         * NOTE(review): the statement that passes {@code cb} to the callback handler is not
         * in the posted listing; presumably {@code callbackHandler.handle(cb)} stood inside
         * the try block - confirm. As shown, the callback is never handled, so
         * {@code nc.getName()} returns null ("guest" is only the callback's default name,
         * which getName() does not return).
         *
         * @return the user name, or {@code null} if it could not be retrieved
         */
        protected String getUsername() {
              String username = null;
              NameCallback nc = new NameCallback("User name: ", "guest");
              Callback[] cb = {nc};
          try {
              username = nc.getName();
          // Both handlers are empty: a failed callback is silently ignored and the
          // method falls through with username still null.
          } catch (IOException e) {
          } catch (UnsupportedCallbackException e) {
              return username;
        /**
         * Returns the "Roles" and "CallerPrincipal" groups for the authenticated subject.
         *
         * NOTE(review): as shown, no member is added to either group and serverRoles is
         * never read, so the subject ends up with no roles at all. That would be consistent
         * with the UnauthorizedException in the post if the REST resources require a role.
         * Lines may have been lost from the posted listing - confirm against the real source.
         *
         * @return a two-element array holding the role group and the caller-principal group
         * @throws LoginException declared by the signature; not thrown by the visible code
         */
        protected Group[] getRoleSets() throws LoginException {
            System.out.println("GET ROLE SETS");
            // Created empty; the configured serverRoles are not copied into it here.
            Group roleGroup = new SimpleGroup("Roles");
            // Created empty; the identity from login() is not added here.
            Group callerPrincipal = new SimpleGroup("CallerPrincipal");
            Group[] groups = { roleGroup, callerPrincipal };
            return groups;