1 Reply Latest reply on Jun 5, 2003 10:05 AM by Vincent B Fischer

    Failed to find LoginModule config for name

    eacgandalf Newbie

      We are translating an application from COBOL to Java and one of the things with the old system was no integrated user security.
      They solved this by writing a quazi login that returned the list of functions the user could access. These function were then 'open' with no security.

      I am trying to implement the minimum LoginModule that achieves the same thing. Most articles go the full monty to lock down the entire application (which we WILL do in later version) but I only want that a single SessionBean executes a login - the others have no security.

      My question is, how do I configure JBoss to do this?

      I am getting an error 'failed to find login module config for name: '

      In login-config.xml I have put the only configuration:
      <application-policy name = "Passlogin">

      <login-module code =
      "..Passlogin"
      flag = "required">
      </login-module>

      </application-policy>

      I am using it like this:
      lc = new LoginContext("Passlogin", new PassLoginCallback( "USERID", "SYSTEMID", "SYSTEMTYPE" ) );
      lc.login();
      Subject subject = lc.getSubject();

      Any help would be greatly appreaciated.

      EJC

        • 1. Re: Failed to find LoginModule config for name
          Vincent B Fischer Newbie

          Keep in mind the login-config.xml is for configuring your server component's security policies. In the SessionBean's jboss.xml, you need to make sure you reference the policy you wish to be used. For example:

          <security-domain>java:/jaas/budget</security-domain>

          would go before <enterprise-beans>. Refer to the dtd of the document for more info.

          Now, for your client, you need to specify a jass config file. A good one to use is the one you'll find in the client subdirectory, auth.conf. I made a copy of this, and thanks to another poster, got it right. It now is just:

          other {
          org.jboss.security.ClientLoginModule required
          password-stacking="useFirstPass"
          ;
          };

          So, now in my client, I invoke the login by:

          lc = new LoginContext("other", new PassLoginCallback("USERID", "PASSWORD");
          lc.login;
          etc...

          Hope this helps