5 Replies Latest reply on Oct 17, 2002 12:49 PM by Tim Penhey

    Add LoginModule in 3.0.x?

    Scott Green Newbie

      I've created a new login module to use with a datasource realm. I've added a jar file with the module to the configuration's lib directory, but it looks like the new login module class is not being found. I'm getting a "principal = null" error.

      In JBoss 3.0.3, what is the best way to make JBoss aware of a new login module class? I'm afraid I might be missing a basic step.


      -Scott Green

        • 1. Re: Add LoginModule in 3.0.x?
          Mike Pettit Newbie

          try editing/customizing conf/login-config.xml

          • 2. Re: Add LoginModule in 3.0.x?
            Scott Green Newbie

            Thanks for the suggestion.

            I think I have configured the login-config.xml

            I've created a new class, that currently for testing purposes is ConfiguredIdentityLoginModule with a new name. I've put a jar with this class into the configuration's lib directory, and I've added the following realm to the login-config.xml:

            <application-policy name = "MySqlDbRealm">

            <login-module code = "org.jboss.resource.security.MyLoginModule" flag = "required">
            <module-option name = "principal">root</module-option>
            <module-option name = "userName">root</module-option>
            <module-option name = "password">test</module-option>
            <module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=MySqlDS</module-option>


            When I try to connect to the datasource I get "java.lang.SecurityException: Invalid authentication attempt, principal=null]"

            I'm assuming, perhaps incorrectly, that the problem is that the class is now being found, because it get the same exception if I put in a garbage class name in the code field.

            If I use ConfiguredIdentityLoginModule instead, everything works as expected.

            • 3. Re: Add LoginModule in 3.0.x?
              Scott Green Newbie


              The method I described in the last post worked correctly on the JBoss 3.2.x beta. Has anyone successfully used their own LoginModule for a datasource connection in 3.0.3?

              -Scott Green

              • 4. Re: Add LoginModule in 3.0.x?
                Mike Pettit Newbie

                I am working on getting a custom Login module to work in JBoss 3.0.3 - I will keep this thread updated on my progress. Currently my problem is an "IllegalStateException - Security Context Not set"

                any info on this error would be greatly appreciated.

                • 5. Re: Add LoginModule in 3.0.x?
                  Tim Penhey Newbie


                  My login module derived from the DatabaseServerLoginModule.

                  One thing though, if you are trying to get the principal using getIdentity() you might have a wee problem.

                  In the initialize method I do the following:

                  SecurityAssociationCallback sac = new SecurityAssociationCallback();
                  Callback[] callbacks = {sac};
                  try {
                  principal = sac.getPrincipal();
                  log.trace("principal: " + principal);
                  catch (Exception e) {
                  log.error("callback failed: " , e);

                  where principal is a private Principal object.