5 Replies Latest reply on Oct 17, 2002 12:49 PM by Tim Penhey

    Add LoginModule in 3.0.x?

    Scott Green Newbie

      Hello,
      I've created a new login module to use with a datasource realm. I've added a jar file with the module to the configuration's lib directory, but it looks like the new login module class is not being found. I'm getting a "principal = null" error.

      In JBoss 3.0.3, what is the best way to make JBoss aware of a new login module class? I'm afraid I might be missing a basic step.

      Thanks.

      -Scott Green

        • 1. Re: Add LoginModule in 3.0.x?
          Mike Pettit Newbie

          try editing/customizing conf/login-config.xml

          • 2. Re: Add LoginModule in 3.0.x?
            Scott Green Newbie

            Thanks for the suggestion.

            I think I have configured the login-config.xml

            I've created a new class, that currently for testing purposes is ConfiguredIdentityLoginModule with a new name. I've put a jar with this class into the configuration's lib directory, and I've added the following realm to the login-config.xml:

            <application-policy name = "MySqlDbRealm">

            <login-module code = "org.jboss.resource.security.MyLoginModule" flag = "required">
            <module-option name = "principal">root</module-option>
            <module-option name = "userName">root</module-option>
            <module-option name = "password">test</module-option>
            <module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=MySqlDS</module-option>
            </login-module>

            </application-policy>

            When I try to connect to the datasource I get "java.lang.SecurityException: Invalid authentication attempt, principal=null]"

            I'm assuming, perhaps incorrectly, that the problem is that the class is now being found, because it get the same exception if I put in a garbage class name in the code field.

            If I use ConfiguredIdentityLoginModule instead, everything works as expected.

            • 3. Re: Add LoginModule in 3.0.x?
              Scott Green Newbie

              Hi,

              The method I described in the last post worked correctly on the JBoss 3.2.x beta. Has anyone successfully used their own LoginModule for a datasource connection in 3.0.3?

              -Scott Green

              • 4. Re: Add LoginModule in 3.0.x?
                Mike Pettit Newbie

                I am working on getting a custom Login module to work in JBoss 3.0.3 - I will keep this thread updated on my progress. Currently my problem is an "IllegalStateException - Security Context Not set"

                any info on this error would be greatly appreciated.
                -MP

                • 5. Re: Add LoginModule in 3.0.x?
                  Tim Penhey Newbie

                  Yes.

                  My login module derived from the DatabaseServerLoginModule.

                  One thing though, if you are trying to get the principal using getIdentity() you might have a wee problem.

                  In the initialize method I do the following:

                  SecurityAssociationCallback sac = new SecurityAssociationCallback();
                  Callback[] callbacks = {sac};
                  try {
                  callbackHandler.handle(callbacks);
                  principal = sac.getPrincipal();
                  log.trace("principal: " + principal);
                  }
                  catch (Exception e) {
                  log.error("callback failed: " , e);
                  }

                  where principal is a private Principal object.

                  Tim