1 Reply Latest reply on May 16, 2006 11:24 AM by chris griffith

    Jboss is not accessing my Security Domain from login-config.

    Muhammad Umar Newbie

      I am having a weird problem. I am writting a simple EJB Application. The problem I am having is as follows:
      In file login-config.xml, I have configured a login Module for my Security Domain "adviceDomain", But JBoss reads "other" from login-config.xml and if I take "other" out from login-config.xml then I get the following Error Message:
      [java] java.rmi.AccessException: SecurityException; nested exception is:
      [java] javax.security.auth.login.LoginException: No LoginModules configured for adviceDomain
      AM I MISSING any STEP or missing some thing else? Your help will be much appreciated.


      Here are the Steps I took with Code Examples:
      1- set up a security Domain in JBoss.xml

      <?xml version="1.0" encoding="UTF-8"?>
      <!DOCTYPE jboss PUBLIC "-//JBoss//DTD JBOSS//EN" "http://www.jboss.org/j2ee/dtd/jboss.dtd">
      <jboss>
      <security-domain>java:/jaas/adviceDomain</security-domain>
       <enterprise-beans>
       <session>
       <ejb-name>AdviceBean</ejb-name>
       <jndi-name>ejb/AdviceBean</jndi-name>
       </session>
       </enterprise-beans>
      </jboss>
      



      2- Setup Permission in ejb-jar.xml
      <ejb-jar>
       <description>Intro to EJB</description>
       <display-name>EJB1</display-name>
       <enterprise-beans>
       <!-- Session Beans -->
       <session>
       <display-name>Advice Bean</display-name>
       <ejb-name>AdviceBean</ejb-name>
       <home>com.cc.dvr.AdviceHome</home>
       <remote>com.cc.dvr.Advice</remote>
       <ejb-class>com.cc.dvr.AdviceBean</ejb-class>
       <session-type>Stateful</session-type>
       <transaction-type>Container</transaction-type>
       </session>
       </enterprise-beans>
       <!-- Assembly Descriptor -->
       <assembly-descriptor>
       <security-role>
       <role-name>AdviceRole</role-name>
       </security-role>
       <method-permission>
       <role-name>AdviceRole</role-name>
       <method>
       <ejb-name>AdviceBean</ejb-name>
       <method-name>*</method-name>
       </method>
       </method-permission>
       </assembly-descriptor>
      </ejb-jar>
      



      3- add application-policy for security domain "adviceDomain" in $JBOSS_HOME/server/default/conf/login-config.xml.


      <application-policy name ="adviceDomian">
       <!-- A simple server login module, which can be used when the number
       of users is relatively small. It uses two properties files:
       users.properties, which holds users (key) and their password (value).
       roles.properties, which holds users (key) and a comma-separated list of
       their roles (value).
       The unauthenticatedIdentity property defines the name of the principal
       that will be used when a null username and password are presented as is
       the case for an unuathenticated web client or MDB. If you want to
       allow such users to be authenticated add the property, e.g.,
       unauthenticatedIdentity="nobody"
       -->
       <authentication>
       <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
       flag = "required" >
       <module-option name="usersProperties">props/users.properties</module-option>
       <module-option name="rolesProperties">props/roles.properties</module-option>
       <module-option name="unauthenticatedIdentity">nobody</module-option>
       </login-module>
       </authentication>
       </application-policy>
      


      Am I MISSING any step? or Some thing else wrong here. You help will be much Appreciated.