2 Replies Latest reply on Dec 14, 2001 2:30 PM by Luke Taylor

    security problem with latest jboss

    Tushar Mangrola Newbie

      Hi,

      I got the following problem with JBoss-2.4.3_Jetty-3.1.3-1 in security.It worked fine with JBoss-2.2.2_Jetty-3.1.RC5-6.

      Thanks.


      [Jetty] Security- User: XYZ.admin
      [Jetty] Security- created JBossUserRealm::User: XYZ.admin
      [Default] User 'XYZ.admin' authenticated.
      [Jetty] Security- User: XYZ.admin is authenticated
      [Jetty] WARNING: GET /PracticeVeterinary/servlet/SecureLoginUIServlet?Submit=Login HTTP/1.1
      java.lang.ClassCastException: java.lang.String
      at org.jboss.security.plugins.JaasSecurityManager.doesUserHaveRole(JaasSecurityManager.java:278)
      at org.jboss.jetty.JBossUserRealm$User.isUserInRole(JBossUserRealm.java:105)
      at org.mortbay.http.handler.SecurityHandler.authenticatedInRole(SecurityHandler.java:360)
      at org.mortbay.http.handler.SecurityHandler.handle(SecurityHandler.java:286)
      at org.mortbay.http.HandlerContext.handle(HandlerContext.java:1037)
      at org.mortbay.http.HandlerContext.handle(HandlerContext.java:992)
      at org.mortbay.http.HttpServer.service(HttpServer.java:699)
      at org.mortbay.http.HttpConnection.service(HttpConnection.java:745)
      at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:918)
      at org.mortbay.http.HttpConnection.handle(HttpConnection.java:760)
      at org.mortbay.http.SocketListener.handleConnection(SocketListener.java:148)
      at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:287)
      at org.mortbay.util.ThreadPool$JobRunner.run(ThreadPool.java:716)
      at java.lang.Thread.run(Unknown Source)

        • 1. Re: security problem with latest jboss
          Binoy Shah Newbie

          Hi I am facing the same problem.. I have already configured JBoss-2.4.3_Jetty-3.1.3-1 with LDAPLogin Module but after successful authentication it fails with this error:
          at org.jboss.security.plugins.JaasSecurityManager.doesUserHaveRole(JaasSecurityManager.java:278)
          at org.jboss.jetty.JBossUserRealm$User.isUserInRole(JBossUserRealm.java:105)
          at org.mortbay.http.handler.SecurityHandler.authenticatedInRole(SecurityHandler.java:360)
          at org.mortbay.http.handler.SecurityHandler.handle(SecurityHandler.java:286)
          at org.mortbay.http.HandlerContext.handle(HandlerContext.java:1037)
          at org.mortbay.http.HandlerContext.handle(HandlerContext.java:992)
          at org.mortbay.http.HttpServer.service(HttpServer.java:699)
          at org.mortbay.http.HttpConnection.service(HttpConnection.java:745)
          at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:918)
          at org.mortbay.http.HttpConnection.handle(HttpConnection.java:760)
          at org.mortbay.http.SocketListener.handleConnection(SocketListener.java:148)
          at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:287)
          at org.mortbay.util.ThreadPool$JobRunner.run(ThreadPool.java:716)
          at java.lang.Thread.run(Unknown Source)

          Let me know if you got the solution , till then i will start trying jboss 3

          • 2. Re: security problem with latest jboss
            Luke Taylor Novice

            It looks like you're looking at the following bug:

            http://sourceforge.net/tracker/index.php?func=detail&aid=487071&group_id=22866&atid=376685

            Try the current 2.4.4 beta release with Jetty.