3 Replies Latest reply on Dec 11, 2009 7:22 AM by wolfgangknauf

    DynamicLoginConfig - JBoss startup failed

    alexanderbell Dec 9, 2009 5:38 PM

      Hi,

      I want to use a dynamicLoginConfig which declares my database-LoginModule.

      My dynamicloginconfig-service.xml is located in my META-INF directory of my ear-File and looks like this

      <?xml version="1.0" encoding="UTF-8"?>
<server>
 <mbean code="org.jboss.security.auth.login.DynamicLoginConfig"
 name="jboss:service=DynamicLoginConfig">
 <attribute name="AuthConfig">
 META-INF/dynamic-login-config.xml
 </attribute>
 <depends optional-attribute-name="LoginConfigService">
 jboss.security:service=XMLLoginConfig
 </depends>
 <depends optional-attribute-name="SecurityManagerService">
 jboss.security:service=JaasSecurityManager
 </depends>
 </mbean>
</server>


      My dynamic-login-config.xml (defined by AuthConfig attribute) which is located in the META-INF directory of my ear-File as well looks like this 
      <?xml version="1.0" encoding="UTF-8"?>
<application-policy name="database-domain">
 <authentication>
 <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
 <module-option name="dsJndiName">
 java:/jdbc/PostgresDS
 </module-option>
 <module-option name="principalsQuery">
 SQL-Stat
 </module-option>
 <module-option name="rolesQuery">
 SQL-Stat
 </module-option>
 </login-module>
 </authentication>
</application-policy>


      On startup I get the following error 
      23:35:51,209 ERROR [org.jboss.kernel.plugins.dependency.AbstractKernelController] Error installing to Start: name=jboss:service=DynamicLoginConfig state=Create mode=Manual requiredState=Installed: org.jboss.security.auth.login.ParseException: Encountered "<?xml" at line 1, column 1.
Was expecting one of:
 <EOF>
 <IDENTIFIER> ...


      IMO all my xml-files are valid so I cannot understand the ParseException

      Any suggestions?

      Alex

      • 3090 Views
      • Tags:
        • 1. Re: DynamicLoginConfig - JBoss startup failed
          jaikiran
          jaikiran Dec 10, 2009 2:50 AM (in response to alexanderbell)

          The error is really misleading. The real problem with that dynamic-login-config.xml is that it doesn't follow the dtd. You are missing a "policy" element:

          <?xml version="1.0" encoding="UTF-8"?>
<policy>
 ...// the rest of what you have
</policy>


          By the way, starting AS-5, there's a simpler DynamicLoginConfig http://www.jboss.org/community/wiki/simplerapproachtoprovideapplicationspecificsecuritydomainconfiguration

            • Actions
          • 2. Re: DynamicLoginConfig - JBoss startup failed
            alexanderbell Dec 10, 2009 11:58 AM (in response to alexanderbell)

            Hi,

            thanks jaikiran but if I use the new way (of AS5) I get the following error:

            aused by: org.jboss.xb.binding.JBossXBException: Failed to parse source: {urn:jboss:bean-deployer:2.0}policy not found as a child of {urn:jboss:bean-deployer:2.0}deployment in unordered_sequence: {urn:jboss:bean-deployer:2.0}stop? {urn:jboss:bean-deployer:2.0}destroy? {urn:jboss:bean-deployer:2.0}annotation* {urn:jboss:bean-deployer:2.0}alias* {urn:jboss:bean-deployer:2.0}start? {urn:jboss:bean-deployer:2.0}classloader? {urn:jboss:bean-deployer:2.0}create? {choice}* {wildcard}*
 at org.jboss.xb.binding.parser.sax.SaxJBossXBParser.parse(SaxJBossXBParser.java:203)


            My sec-jboss-beans.xml looks like this 
            <?xml version="1.0" encoding="UTF-8"?>
<deployment xmlns="urn:jboss:bean-deployer:2.0">
 <application-policy name="database-domain">
 <authentication>
 <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
 <module-option name="dsJndiName">
 java:/jdbc/PostgresDS
 </module-option>
 <module-option name="principalsQuery">
 SQL
 </module-option>
 <module-option name="rolesQuery">
 SQL
 </module-option>
 </login-module>
 </authentication>
 </application-policy>
</deployment>


            So a Tag is missing between "deployment" and "application-policy" and it isn't "policy" because I tried it already.

            Thanks Alex

              • Actions
            • 3. Re: DynamicLoginConfig - JBoss startup failed
              wolfgangknauf
              wolfgangknauf Dec 11, 2009 7:22 AM (in response to alexanderbell)

              Hi,

              I think you miss a namespace in "application-policy":

              <application-policy xmlns="urn:jboss:security-beans:1.0" xsi:schemaLocation="urn:jboss:security-beans:1.0 security-beans_1_0.xsd"
 name="...">
 <authentication>
...


              Important: remove the newlines/spaces in the "dsJndiName" module-option! https://jira.jboss.org/jira/browse/SECURITY-421

              Hope this helps

              Wolfgang

                • Actions