6 Replies Latest reply on Apr 24, 2002 9:30 AM by Nigel White

    Login keeps failing

    Nigel White Newbie

      I have a web resource secured using the attached files.

      I have a datasource called java/:mySQL that works. I have some Entity beans using it.

      The login keeps failing.

      How can I get more logging info out of JAAS, or the DatabaseServerLoginModule?

      I have turned logging on in the XADataSource mbean in jboss.jcml, but it doesn't display the queries it is doing, or the results.

        • 1. Re: Login keeps failing
          Nigel White Newbie

          Not much help are you?.....

          I don't think the database is being queried. I re-started mySQL with the -log option, and some manual queries appeared in it, but the queries I would expect from JBoss didn't arrive.

          JBoss's console log outputs:

          [INFO,mySQL] No transaction right now.

          Whenever I try to log in. It looks like the datasource isn't allowing the DatabaseServerLoginModule to perform the query.

          Any ideas why?

          • 2. Re: Login keeps failing
            J. Wolfgang Kaltz Novice

            > How can I get more logging info out of JAAS, or the
            > DatabaseServerLoginModule?

            JAAS doesn't have any logging stuff.
            For the DatabaseServerLoginModule, have you tried setting your log4j log-level to DEBUG ? What messages does it log ? You say the login failed, but what are the messages you're getting that indicate this ?

            Note that if you're stuck you can of course always add your own debug statements into DatabaseServerLoginModule.java to trace what is happening.

            • 3. Re: Login keeps failing
              Nigel White Newbie

              Thanks for that! I changed the logging level to DEBUG.Now it tells me:

              [INFO,mySQL] No transaction right now.
              [DEBUG,Portal] Login failure
              javax.security.auth.login.FailedLoginException: No matching username found in Principals
              at org.jboss.security.auth.spi.DatabaseServerLoginModule.getUsersPassword(DatabaseServerLoginModule.java:97)
              at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:145)
              at java.lang.reflect.Method.invoke(Native Method)
              at javax.security.auth.login.LoginContext.invoke(LoginContext.java:595)
              at javax.security.auth.login.LoginContext.access$000(LoginContext.java:125)
              at javax.security.auth.login.LoginContext$3.run(LoginContext.java:531)
              at java.security.AccessController.doPrivileged(Native Method)
              at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:528)
              at javax.security.auth.login.LoginContext.login(LoginContext.java:449)
              at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:394)
              at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:361)
              at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:217)
              at org.jboss.web.catalina.security.JBossSecurityMgrRealm.authenticate(JBossSecurityMgrRealm.java:253)
              at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:263)
              at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:459)
              at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)
              at org.apache.catalina.valves.CertificatesValve.invoke(CertificatesValve.java:246)
              at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)
              at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)
              at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
              at org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2344)
              at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:164)
              at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:566)
              at org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:170)
              at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)
              at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:170)
              at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)
              at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)
              at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
              at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:163)
              at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:566)
              at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)
              at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
              at org.apache.catalina.connector.http.HttpProcessor.process(HttpProcessor.java:1011)
              at org.apache.catalina.connector.http.HttpProcessor.run(HttpProcessor.java:1106)
              at java.lang.Thread.run(Unknown Source)

              I have typed in a valid user name. The data is there in mySQL:

              mysql> select users.handle, password, userroles.role, userroles.rolegroup
              from users, userroles
              where users.handle="fred" and userroles.handle="fred";
              +--------+----------+---------+-----------+
              | handle | password | role | rolegroup |
              +--------+----------+---------+-----------+
              | fred | fred | manager | manager |
              +--------+----------+---------+-----------+


              Still no queries arriving in the mySQL log file! It is not contacting the database server, but still complaining that the username is not found!

              PS: I don't have the source to manually debug the DatabaseServerLoginModule.

              • 4. Re: Login keeps failing
                Nigel White Newbie

                Well, I decompiled DatabaseServerLoginModule, and added a log message in when it prepared its SQL.

                The username which it is using in its PreparedStatement is null!

                My login form is right:

                <FORM method=post action=j_security_check>
                <TABLE cellPadding=14 align=center border=2 summary="Logon">

                User
                <INPUT type=text name=j_username/>


                Password
                <INPUT type=password name=j_password/>


                <INPUT type=submit src="" value="Logon"/>




                The password is set in the superclass, UsernamePasswordLoginModule, and the decompiler hangs when I try to decompile that.

                How come I have what looks like a blatant BUG in a commonly used feature? This make me think I MUST be doing something wrong!

                • 5. Re: Login keeps failing
                  J. Wolfgang Kaltz Novice

                  Sorry, I don't know about the login form (I use a custom form).
                  But at least you know how where your problem is located, there are other postings on the subject of login form.

                  By the way, you can download the source bundle of JBoss, and build it using "ant". Then it's easier to introspect any part of JBoss at any time.
                  (Hey it's open source, let's take advantage of that, don't need to decompile the stuff like in other products ;) )

                  • 6. Re: Login keeps failing
                    Nigel White Newbie

                    Looking more deeply, the Map sharedState passed into DatabaseServerLoginModule.initialize() does not contain the key:

                    "javax.security.auth.login.name"

                    which is how it finds the username.

                    There is a bug further down.