The exceptions indicates that JAAS was trying to find the TTNServerLoginModule, but could not.
I would suggest putting your classes in a jar file and placing them in the /jboss-3.0.0RC3/lib directory. JBoss 3.0 uses a new kind of classloader, so you may need to review how you are loading classes.
I am putting my own LoginModules into the /jboss-3.0.0RC3/lib directory, as a jar file and they are found correctly by JAAS.
Thanks for the reply Peter.
I've tried placing TTNServerLoginModule in /lib as you suggest but with no success.
Also, I've tried reverting to using org/jboss/security/auth/spi/DatabaseServerLoginModule which is present in lib/jbosssx.jar, but again JAAS fails to locate it.
If not the /lib directory, where is JAAS trying to load the login modules from (and why)?
> If not the /lib directory, where is JAAS trying to
> load the login modules from (and why)?
I haven't tried JAAS with JBoss 3.0 yet (still using 2.4.4); but what I can tell you is that jaas uses ClassLoader.getSystemClassLoader() to load its classes -> including your login module, therefore.
Depending on your context, the system class loader need not be the same as the default class loader - this is the case for example in your Tomcat servlet.
I can't tell you the rationale why JAAS explicitly uses the system class loader, but it does (you can see it when you decompile Sun's jaas.jar).
Conclusion: wherever you want to load a login module, that login module must be in the system classloader's path.
Thanks for the info.
As a resolution, I've switched to running JBoss under JDK1.4, which apparently doesn't suffer from the same limitation.
In Java 1.4, JAAS is integrated
whereas before you had to add the jaas.jar yourself.
It looks like Sun has not only integrated JAAS, but also changed the implementation, though I can not find specifics on the changes on the Sun site.
At any rate from what you are saying, JBoss 3.0 with Security will only work out of the box under Java >= 1.4 !?
I have also experienced the situation where JAAS in JBoss 3.0.0 is not able to find my custom LoginModule, nor is it able to find a JBoss LoginModule. I discovered that I had placed a copy of jaas.jar in the lib directory within the JDK, and that the JVM was loading this jaas.jar separate from JBoss. JAAS was then not able to find LoginModules loaded within JBoss. Once I made sure that the only copy of jaas.jar, was the one loaded by JBoss, my problems went away because JAAS and the other LoginModules were loaded by the same JBoss classloader.
It is possible that you are experiencing a similar problem. At least the symptoms seem similar. Can you check to see if jaas.jar is loaded by the JVM outside of JBoss?
Cumulus, you're right, removing jaas.jar from the JRE worked.
So to summarize:
Running JBoss3.0.0RC3 under JDK1.3.x, there must not be a jaas.jar in the JRE.
Running JBoss3.0.0RC3 under JDK1.4 there is no issue (and no need to add jaas.jar to the JRE anyway, because it is fully integrated).
The only outstanding puzzle is that JBoss3.0.0beta and JDK1.3.x worked quite happily even with jaas.jar present in the JRE.
Anyway, thanks both jwkaltz and cumulus for your help.