SRP authentication
mcfisto Apr 12, 2003 8:24 AM
Hi, I have a big problem with setting up SRP authentication on JBoss 3.0.6. I set everything (I hope!) as described in http://www.ociweb.com/jnb/jnbJul2002.html (except their DatabaseRoleLoginModule - I use org.jboss.security.auth.spi.DatabaseServerLoginModule). When a client tries to log on for the first time, everything is OK, but the second time (the same user) JBoss reports this:
------begin log ------
2003-04-12 14:06:17,382 ERROR [org.jboss.security.srp.SRPService] Failed to update SRP cache for user={username=t, sessionID=0}
java.lang.ClassCastException
at org.jboss.security.srp.SRPSessionKey.equals(SRPSessionKey.java:34)
at java.util.HashMap.eq(HashMap.java:270)
at java.util.HashMap.get(HashMap.java:319)
at java.util.Collections$SynchronizedMap.get(Collections.java:1938)
at org.jboss.util.TimedCachePolicy.peek(TimedCachePolicy.java:181)
at org.jboss.security.srp.SRPService.verifiedUser(SRPService.java:227)
at org.jboss.security.srp.SRPRemoteServer.verify(SRPRemoteServer.java:273)
at org.jboss.security.srp.SRPRemoteServer.verify(SRPRemoteServer.java:205)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:261)
at sun.rmi.transport.Transport$1.run(Transport.java:148)
at java.security.AccessController.doPrivileged(Native Method)
at sun.rmi.transport.Transport.serviceCall(Transport.java:144)
at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:460)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:701)
at java.lang.Thread.run(Thread.java:536)
2003-04-12 14:06:17,973 ERROR [org.jboss.ejb.plugins.SecurityInterceptor] Authentication exception, principal=t
2003-04-12 14:06:17,973 ERROR [org.jboss.ejb.plugins.LogInterceptor] EJBException, causedBy:
java.lang.SecurityException: Authentication exception, principal=t
at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:173)
at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:94)
at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:129)
at org.jboss.ejb.StatelessSessionContainer.invokeHome(StatelessSessionContainer.java:300)
at org.jboss.ejb.Container.invoke(Container.java:730)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:517)
at org.jboss.invocation.jrmp.server.JRMPInvoker.invoke(JRMPInvoker.java:382)
at sun.reflect.GeneratedMethodAccessor25.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:261)
at sun.rmi.transport.Transport$1.run(Transport.java:148)
at java.security.AccessController.doPrivileged(Native Method)
at sun.rmi.transport.Transport.serviceCall(Transport.java:144)
at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:460)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:701)
at java.lang.Thread.run(Thread.java:536)
---- end log ----
My settings are:
*** client ***
jaas.conf:
----------
fenix {
org.jboss.security.srp.jaas.SRPLoginModule required
srpServerJndiName="srp/SRPServerInterface"
principalClassName="org.jboss.security.srp.jaas.SRPPrincipal"
;
org.jboss.security.ClientLoginModule required
password-stacking="useFirstPass"
multi-threaded=false
;
};
*** server *** :
jaas.conf:
----------
fenix {
org.jboss.security.srp.jaas.SRPCacheLoginModule requisite
cacheJndiName="srp/AuthenticationCache"
;
org.jboss.security.auth.spi.DatabaseServerLoginModule required
password-stacking="useFirstPass"
dsJndiName="java:/FenixAuthDS"
;
};
jboss-service.xml:
-------------------
jboss.security:service=DefaultLoginConfig
auth.conf
srp/FenixVerifierStore
java:/FenixAuthDS
SELECT password FROM principals WHERE principalid=?
srp/FenixVerifierStore
srp/AuthenticationCache
srp/SRPServerInterface
86400
10
<!-- JAAS security manager and realm mapping -->
org.jboss.security.plugins.JaasSecurityManager
srp/AuthenticationCache
jboss.xml:
-----------
<!-- StatelessSession beans are secure by default -->
<container-configuration>
<container-name>Standard Stateless SessionBean</container-name>
<security-domain>java:/jaas/fenix</security-domain>
</container-configuration>
<!--A stateless session config that is not secured -->
<container-configuration extends="Standard Stateless SessionBean">
<container-name>Unsecure Stateless SessionBean</container-name>
<security-domain/>
</container-configuration>
</container-configurations>
Do you have any idea what's wrong???
Thanks a lot in advance.
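
The first trace in the post fails inside SRPSessionKey.equals, called from HashMap.get. As an added example (not JBoss code and not part of the original post), the Java below reproduces that failure shape with hypothetical classes UnsafeKey and SafeKey, assuming a cache map that already holds a key of a different class with the same hash code; the page does not establish that this is what happens in the poster's setup.

```java
import java.util.HashMap;
import java.util.Map;

// Added illustration; UnsafeKey, SafeKey and the String entry are hypothetical.
public class MixedKeyCacheDemo {

    // Key whose equals() casts its argument without checking the class first.
    static class UnsafeKey {
        final String username;
        final int sessionID;
        UnsafeKey(String username, int sessionID) {
            this.username = username;
            this.sessionID = sessionID;
        }
        @Override public int hashCode() { return username.hashCode(); }
        @Override public boolean equals(Object o) {
            UnsafeKey k = (UnsafeKey) o; // ClassCastException for any other class
            return sessionID == k.sessionID && username.equals(k.username);
        }
    }

    // Same key with the type check that the equals() contract expects.
    static final class SafeKey extends UnsafeKey {
        SafeKey(String username, int sessionID) { super(username, sessionID); }
        @Override public boolean equals(Object o) {
            if (!(o instanceof UnsafeKey)) return false;
            return super.equals(o);
        }
    }

    // Looks up 'key' in a cache that already holds an entry keyed by a plain
    // String with the same hash code, and reports what the lookup did.
    static String lookup(Object key) {
        Map<Object, String> cache = new HashMap<>();
        cache.put("t", "entry stored under a String key"); // constructed sample
        try {
            return String.valueOf(cache.get(key));
        } catch (ClassCastException e) {
            return "ClassCastException";
        }
    }

    public static void main(String[] args) {
        System.out.println(lookup(new UnsafeKey("t", 0)));
        System.out.println(lookup(new SafeKey("t", 0)));
    }
}
```

With the unchecked cast the lookup throws instead of missing, so an authentication path that treats any exception as a failure rejects the user; with the instanceof check the same lookup is an ordinary cache miss.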