2 Replies Latest reply on May 31, 2006 12:16 PM by Juergen Zimmermann

    JBoss 4.0.4/EJB3: DynamicLoginConfig fails

    Juergen Zimmermann Master

      I tried to switch from a static login configuration via conf/login-config.xml to a dynamic one. The static login configuration works without any problem.

      However, I get this stacktrace using the DynamicLoginConfig:

      11:39:14,652 INFO [EARDeployer] Started J2EE application: file:/C:/Programme/jboss/server/default/deploy/hska.ear
      11:39:26,298 ERROR [UsersRolesLoginModule] Failed to load users/passwords/role files
      java.io.IOException: No properties file: users.properties or defaults: defaultUsers.properties found
       at org.jboss.security.auth.spi.Util.loadProperties(Util.java:313)
       at org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:186)
       at org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:200)
       at org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:127)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
       at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756)
       at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
       at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
       at java.security.AccessController.doPrivileged(Native Method)
       at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
       at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
       at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:601)
       at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:535)
       at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344)
       at org.jboss.aspects.security.AuthenticationInterceptor.authenticate(AuthenticationInterceptor.java:121)
       at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:67)
       at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
       at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:47)
       at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
       at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106)
       at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
       at org.jboss.ejb3.stateless.StatelessContainer.dynamicInvoke(StatelessContainer.java:225)
       at org.jboss.aop.Dispatcher.invoke(Dispatcher.java:106)
       at org.jboss.aspects.remoting.AOPRemotingInvocationHandler.invoke(AOPRemotingInvocationHandler.java:82)
       at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:828)
       at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:681)
       at org.jboss.remoting.transport.socket.ServerThread.processInvocation(ServerThread.java:358)
       at org.jboss.remoting.transport.socket.ServerThread.dorun(ServerThread.java:398)
       at org.jboss.remoting.transport.socket.ServerThread.run(ServerThread.java:239)


      The META-INF/jboss-service.xml of the SAR:
      <?xml version="1.0" ?>
      
      <server>
       <mbean code="org.jboss.security.auth.login.DynamicLoginConfig"
       name="hska:service=DynamicLoginConfig">
       <attribute name="AuthConfig">META-INF/hska-login-config.xml</attribute>
       <depends optional-attribute-name="LoginConfigService">
       jboss.security:service=XMLLoginConfig
       </depends>
       <depends optional-attribute-name="SecurityManagerService">
       jboss.security:service=JaasSecurityManager
       </depends>
       </mbean>
      
      </server>


      The META-INF/hska-login-config.xml of the SAR:
      <?xml version='1.0'?>
      <!DOCTYPE policy PUBLIC
       "-//JBoss//DTD JBOSS Security Config 3.0//EN"
       "http://www.jboss.org/j2ee/dtd/security_config.dtd">
      <policy>
       <application-policy name="hska_beispiel">
       <authentication>
       <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
       flag="required">
       <module-option name="dsJndiName">java:/hskaDS</module-option>
       <module-option name="unauthenticatedIdentity">gast</module-option>
       <module-option name="principalsQuery">SELECT password FROM hska_user WHERE username=?</module-option>
       <module-option name="rolesQuery">SELECT role, 'Roles' FROM hska_role WHERE username=?</module-option>
       <module-option name="hashAlgorithm">SHA-256</module-option>
       <module-option name="hashEncoding">base64</module-option>
       </login-module>
       </authentication>
       </application-policy>
      </policy>


      The META-INF/jboss-app.xml of the EAR:
      <?xml version="1.0"?>
      
      <!DOCTYPE jboss-app
       PUBLIC "-//JBoss//DTD J2EE Application 1.4//EN"
       "http://www.jboss.org/j2ee/dtd/jboss-app_4_0.dtd">
      
      <jboss-app>
       <security-domain>hska</security-domain>
       <module>
       <service>hska.sar</service>
       </module>
      </jboss-app>