2 Replies Latest reply on Jun 26, 2002 8:25 AM by Vincent

    "Query failed" with DatabaseServerLoginModule after 2.4.5

    Jason Evans Newbie

      Hello,

      I am using the DatabaseServerLoginModule to authenticate users to my web application. This worked fine with 2.4.4/Tomcat4.0.1, but I just upgraded to 2.4.5, and now I can't login in - I just keep getting the popup HTTP login box, and in the server log I get the following error:

      [INFO,JaasSecurityManagerService] Created securityMgr=org.jboss.security.plugins.JaasSecurityManager@4ab40a
      [INFO,JaasSecurityManagerService] setCachePolicy, c=org.jboss.util.TimedCachePolicy@bd669d
      [INFO,JaasSecurityManagerService] Added star, org.jboss.security.plugins.SecurityDomainContext@9be6ee to map
      [INFO,XAPoolDataSource] Creating XA Pool
      [INFO,XAPoolDataSource] Creating XA Pool
      [ERROR,DatabaseServerLoginModule] Query failed
      java.sql.SQLException: JZ0S2: Statement object has already been closed.
      at com.sybase.jdbc2.jdbc.ErrorMessage.raiseError(ErrorMessage.java:498)
      at com.sybase.jdbc2.jdbc.SybStatement.checkDead(SybStatement.java:1715)
      at com.sybase.jdbc2.jdbc.SybPreparedStatement.setString(SybPreparedStatement.java:249)
      at org.jboss.pool.jdbc.PreparedStatementInPool.setString(PreparedStatementInPool.java:182)
      at org.jboss.security.auth.spi.DatabaseServerLoginModule.getUsersPassword(DatabaseServerLoginModule.java:99)
      at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:142)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:324)
      at javax.security.auth.login.LoginContext.invoke(LoginContext.java:664)
      at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
      at javax.security.auth.login.LoginContext$4.run(LoginContext.java:599)
      at java.security.AccessController.doPrivileged(Native Method)
      at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:596)
      at javax.security.auth.login.LoginContext.login(LoginContext.java:523)
      at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:363)
      at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:330)
      at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:196)
      at org.jboss.web.catalina.security.JBossSecurityMgrRealm.authenticate(JBossSecurityMgrRealm.java:281)
      at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:161)
      at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:503)
      at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)
      at org.apache.catalina.valves.CertificatesValve.invoke(CertificatesValve.java:246)
      at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)
      at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)
      at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
      at org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2343)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180)
      at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:566)
      at org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:170)
      at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)
      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:170)
      at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)
      at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:468)
      at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)
      at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)
      at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:174)
      at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:566)
      at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)
      at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
      at org.apache.catalina.connector.http.HttpProcessor.process(HttpProcessor.java:1012)
      at org.apache.catalina.connector.http.HttpProcessor.run(HttpProcessor.java:1107)
      at java.lang.Thread.run(Thread.java:536)


      Anyone have any ideas?

      Thanks

        • 2. Re: "Query failed" with DatabaseServerLoginModule after 2.4.
          Vincent Newbie

          I have been trying to use the DatabaseServerLoginModule to authenticate users to my web application too. I am using JBoss-2.4.3_Tomcat-3.2.3 & jdk1.3.1. The login box keeps popping up but my password seems to be incorrect all the time. However, password should be correct.

          I was not able to see any login error or msg from server console but I beleieve there must be some problems.

          Please help and see my files attached. Thanks!


          \WEB-INF\jboss-web.xml
          -------------------------
          </jboss-web><?xml version="1.0"?>
          <jboss-web>
          <security-domain>java:/jaas/ipac20admin</security-domain>
          </jboss-web>

          \WEB-INF\web.xml
          -----------------
          <security-constraint>
          <web-resource-collection>
          <web-resource-name>Restricted</web-resource-name>
          Declarative security tests
          <url-pattern>*.action</url-pattern>
          <http-method>HEAD</http-method>
          <http-method>GET</http-method>
          <http-method>POST</http-method>
          <http-method>PUT</http-method>
          <http-method>DELETE</http-method>
          </web-resource-collection>
          <auth-constraint>
          <role-name>ROLE1</role-name>
          </auth-constraint>
          <user-data-constraint>
          no description
          <transport-guarantee>NONE</transport-guarantee>
          </user-data-constraint>
          </security-constraint>

          <login-config>
          <auth-method>BASIC</auth-method>
          <realm-name>JAAS Tutorial Servlets</realm-name>
          </login-config>

          <security-role>
          A user allowed to invoke echo methods
          <role-name>ROLE1</role-name>
          </security-role>


          jboss\conf\tomcat\auth.conf

          ipac20admin {
          org.jboss.security.auth.spi.DatabaseServerLoginModule required
          dsJndiName="java:/lowroad"
          principalsQuery="SELECT PASSKEY FROM PRINCIPALS WHERE PRINCIPALID=?"
          rolesQuery="SELECT ROLE_ID, ROLEGROUP FROM ROLES WHERE PRINCIPALID=?"
          ;
          };

          simple {
          // Very simple login module:
          // any user name is accepted.
          // password should either coincide with user name or be null,
          // all users have role "guest",
          // users with non-null password also have role "user"
          org.jboss.security.auth.spi.SimpleServerLoginModule required;
          };