2 Replies Latest reply on Oct 26, 2003 8:38 PM by david snowsill

    Invalid authentication attempt, principal=null

    hb_butalia Newbie

      I am getting the following error message.I am configuring DatabaseServerLoginModule with Sybase.
      I am trying to modify the sample application of javaworld.

      my auth.conf(server)
      // The JBoss server side JAAS login config file for the examples

      example1 {
      org.jboss.security.auth.spi.UsersRolesLoginModule required
      unauthenticatedIdentity=nobody
      ;
      };
      client-login
      {
      org.jboss.security.ClientLoginModule required;
      };
      example2 {
      org.jboss.security.auth.spi.DatabaseServerLoginModule required
      dsJndiName="java:/SybaseDB"
      principalsQuery="Select Password from Principals where PrincipalID =?"
      rolesQuery="Select Role 'Roles', RoleGroup 'RoleGroups' from Roles where PrincipalID =?"
      ;
      };
      my auth.conf(client)
      client-login
      {
      org.jboss.security.ClientLoginModule required;
      };

      example2
      {
      org.jboss.security.auth.spi.DatabaseServerLoginModule required
      ;
      };
      -----------
      login.xml
      ------------
      <?xml version="1.0"?>
      <!DOCTYPE policy PUBLIC "-//JBoss//DTD JBOSS Security Config 3.0//EN"
      "http://www.jboss.org/j2ee/dtd/security_config.dtd">
      <!-- The XML based JAAS login configuration read by the
      org.jboss.security.auth.login.XMLLoginConfig mbean. Add
      an application-policy element for each security domain.

      The outline of the application-policy is:
      <application-policy name="security-domain-name">

      <login-module code="login.module1.class.name" flag="control_flag">
      <module-option name = "option1-name">option1-value</module-option>
      <module-option name = "option2-name">option2-value</module-option>
      ...
      </login-module>

      <login-module code="login.module2.class.name" flag="control_flag">
      ...
      </login-module>
      ...

      </application-policy>

      $Revision: 1.6.2.1 $
      -->

      <!-- Used by clients within the application server VM such as
      mbeans and servlets that access EJBs.
      -->
      <application-policy name="client-login">

      <login-module code="org.jboss.security.ClientLoginModule" flag="required">
      </login-module>

      </application-policy>
      <!-- Security domain for JBossMQ -->
      <application-policy name="jbossmq">

      <login-module code="org.jboss.mq.sm.file.DynamicLoginModule" flag="required">
      <module-option name="unauthenticatedIdentity">guest</module-option>
      <module-option name="sm.objectname">jboss.mq:service=StateManager</module-option>
      </login-module>

      </application-policy>
      <!-- Security domains for testing new jca framework -->
      <application-policy name="HsqlDbRealm">

      <login-module code="org.jboss.resource.security.ConfiguredIdentityLoginModule" flag="required">
      <module-option name="principal">sa</module-option>
      <module-option name="userName">sa</module-option>
      <module-option name="password"/>
      <module-option name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=java:/DefaultDS</module-option>
      </login-module>

      </application-policy>
      <application-policy name="FirebirdDBRealm">

      <login-module code="org.jboss.resource.security.ConfiguredIdentityLoginModule" flag="required">
      <module-option name="principal">sysdba</module-option>
      <module-option name="userName">sysdba</module-option>
      <module-option name="password">masterkey</module-option>
      <module-option name="managedConnectionFactoryName">jboss.jca:service=XaTxCM,name=FirebirdDS</module-option>
      </login-module>

      </application-policy>
      <!--<application-policy name="JmsXARealm">

      <login-module code="org.jboss.resource.security.ConfiguredIdentityLoginModule" flag="required">
      <module-option name="principal">guest</module-option>
      <module-option name="userName">guest</module-option>
      <module-option name="password">guest</module-option>
      <module-option name="managedConnectionFactoryName">jboss.jca:service=TxCM,name=JmsXA</module-option>
      </login-module>

      </application-policy>-
      -->
      <!-- A template configuration for the jmx-console web application. This
      defaults to the UsersRolesLoginModule the same as other and should be
      changed to a stronger authentication mechanism as required.
      -->
      <application-policy name="jmx-console">

      <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required"/>

      </application-policy>
      <!-- The default login configuration used by any security domain that
      does not have a application-policy entry with a matching name
      -->
      <application-policy name="other">
      <!-- A simple server login module, which can be used when the number
      of users is relatively small. It uses two properties files:
      users.properties, which holds users (key) and their password (value).
      roles.properties, which holds users (key) and a comma-separated list of
      their roles (value).
      The unauthenticatedIdentity property defines the name of the principal
      that will be used when a null username and password are presented as is
      the case for an unuathenticated web client or MDB. If you want to
      allow such users to be authenticated add the property, e.g.,
      unauthenticatedIdentity="nobody"
      -->

      <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required"/>

      </application-policy>
      <application-policy name="example2">

      <!-- <module-option name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=SybaseDB</module-option>
      -->
      <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
      <module-option name="dsJndiName">java:/SybaseDB</module-option>
      <module-option name="principalsQuery">Select Password from Principals where PrincipalID = ?</module-option>
      <module-option name="rolesQuery">Select Role 'Roles', RoleGroup 'RoleGroups' from Roles where PrincipalID = ?</module-option>
      </login-module>

      </application-policy>


      ---
      sybase-ds.xml
      ----
      <?xml version="1.0" encoding="UTF-8"?>
      <!-- ===================================================================== -->
      <!-- -->
      <!-- JBoss Server Configuration -->
      <!-- -->
      <!-- New ConnectionManager setup for Sybase ASE/ASA jConnect driver -->
      <!-- Thanks to Marc Zampetti <zampetti@aol.net> -->
      <!-- This is a minimal example. See the generic example for other stuff -->
      <!-- ===================================================================== -->
      <!-- $Id: sybase-ds.xml,v 1.1 2002/07/31 21:58:44 d_jencks Exp $ -->

      <local-tx-datasource>
      <jndi-name>SybaseDB</jndi-name>
      <!-- Sybase jConnect URL for the database.
      NOTE: The hostname and port are made up values. The optional
      database name is provided, as well as some additinal Driver
      parameters.
      -->
      <!-- prior to change
      <connection-url>jdbc:sybase:Tds:host.at.some.domain:5000/db_name?JCONNECT_VERSION=6</connection-url>
      <driver-class>com.sybase.jdbc2.jdbc.SybDataSource</driver-class>
      <user-name>x</user-name>
      y-->
      <connection-url>jdbc:sybase:Tds:127.0.0.1:2638/Summitdb</connection-url>
      <driver-class>com.sybase.jdbc2.jdbc.SybDriver</driver-class>
      <user-name>DBA</user-name>
      SQL
      </local-tx-datasource>

      -----

      Please help me....