4 Replies Latest reply on Feb 19, 2003 12:34 PM by J. Wolfgang Kaltz

    JAAS Linux problem

    Vince Marco Newbie

      I have a J2EE app (EJBs, and WAR) deployed which uses a custom LoginModule extending UsernamePasswordLoginModule. This works great on my W2K dev box, and the W2K dev test server. When I move this to the Linux-based production server, I get sent to the <form-error-page> when logging in.

      The odd part is that my trace statements indicate a valid authentication, and the exception in the error page is null...making it difficult to determine the problem. EJB and data access is fine.

      With DEBUG, on W2K I get:

      14:44:59,437 DEBUG [JBossUserRealm#NcapRealm] authenticated: vmarco
      14:44:59,437 DEBUG [JBossUserRealm#NcapRealm] JBossUserPrincipal: vmarco is NOT in Role: admin
      14:44:59,437 DEBUG [JBossUserRealm#NcapRealm] JBossUserPrincipal: vmarcois in Role: user
      14:44:59,453 DEBUG [InsertTag] insert page='/app/common/layout_main.jsp'.

      On Linux I get:

      15:05:15,041 DEBUG [JBossUserRealm#NcapRealm] authenticated: vmarco
      15:05:15,043 DEBUG [JBossUserRealm#NcapRealm] setting JAAS subjectAttributeName(j_subject) : Subject:
      Principal: vmarco
      Principal: Roles
      15:05:15,070 DEBUG [RequestUtils] Get module name for path /app/goLoginError.action

      Notice it doesn't say anything about is or is NOT in Role as it does on W2K.

      Any suggestions?

        • 1. Re: JAAS Linux problem
          J. Wolfgang Kaltz Novice

          Are you sure you're using the exact same JBoss configurations on your dev server and your production server ? Is it the same JBoss version ? Where are your users and roles configured ?

          There should not be any difference between JBoss behaviour on Windows and Linux, unless you've run into a JRE bug.

          • 2. Re: JAAS Linux problem
            Vince Marco Newbie

            I'm using the same configuration as far as I can tell, and I think I've been through this pretty thoroughly. But as the case with configuration, I'm probably missing something I can't see. :-)

            It is the same JBoss version. My users and roles are in a database table. The database in production is a different instance of the same schema as in test. The thing is that I've been able to connect my remote debugger (IDEA) to the production server and walk through my LoginModule and it returns as validated successfully. But somewhere following it ends up routing to my <form-error-page>.

            Man, I'd hate to have to go to a Windows server....but it is working there.

            • 3. Re: JAAS Linux problem
              Vince Marco Newbie

              What I found as a workaround is to use BASIC authentification. That works, and perhaps suggests that there could be a Linux JRE bug. I'm checking to see if I have the latest Linux JRE.

              • 4. Re: JAAS Linux problem
                J. Wolfgang Kaltz Novice

                > I'm checking to
                > see if I have the latest Linux JRE.

                I recommend the 1.4.0 series, not the 1.4.1 -> that one has something fishy with streams and process handling (only in Linux, Solaris is OK), which for instance make it impossible to start a Java server such as JBoss through Ant.