2 Replies Latest reply on Jun 9, 2006 8:53 AM by Jonathon Roberts

    Multible datasources, Virtual host and EJB Login help

    Jonathon Roberts Newbie

      I'm stuck.

      I'm trying to get my application to be deployed twice on the same instance of the server using virtual hosts. Each application will deploy on it's own using the virtual host, but if I try to deploy both at the same time, I get:

      java.rmi.AccessException: SecurityException; nested exception is:
       javax.security.auth.login.FailedLoginException: No matching username found in Principals
       at org.jboss.ejb.plugins.LogInterceptor.handleException(LogInterceptor.java:370)
       at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:125)
       at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyFactoryFinderInterceptor.java:93)
       at org.jboss.ejb.StatelessSessionContainer.internalInvokeHome(StatelessSessionContainer.java:319)
       at org.jboss.ejb.Container.invoke(Container.java:729)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
       at org.jboss.mx.server.ReflectedDispatcher.dispatch(ReflectedDispatcher.java:60)
       at org.jboss.mx.server.Invocation.dispatch(Invocation.java:62)
       at org.jboss.mx.server.Invocation.dispatch(Invocation.java:54)
       at org.jboss.mx.server.Invocation.invoke(Invocation.java:82)
       at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:198)
       at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:473)
       at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:97)
       at org.jboss.invocation.InvokerInterceptor.invokeLocal(InvokerInterceptor.java:115)
       at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:101)
       at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:46)
       at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:55)
       at org.jboss.proxy.ejb.HomeInterceptor.invoke(HomeInterceptor.java:173)
       at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:86)
       at $Proxy313.create(Unknown Source)
       at cortracold.User.getLoginBean(User.java:368)
       at cortracold.User.<init>(User.java:85)
       at com.opensourcegroup.cortrac.login.filter.UserAttributeFilter.doFilter(UserAttributeFilter.java:52)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
       at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:75)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
       at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:214)
       at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
       at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
       at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:198)
       at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:152)
       at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
       at org.jboss.web.tomcat.security.CustomPrincipalValve.invoke(CustomPrincipalValve.java:66)
       at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
       at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:162)
       at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
       at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:540)
       at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
       at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
       at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)
       at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
       at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118)
       at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
       at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:535)
       at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
       at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
       at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
       at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
       at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
       at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929)
       at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)
       at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799)
       at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:705)
       at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577)
       at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
       at java.lang.Thread.run(Thread.java:595)
      Caused by: javax.security.auth.login.FailedLoginException: No matching username found in Principals
       at org.jboss.security.auth.spi.DatabaseServerLoginModule.getUsersPassword(DatabaseServerLoginModule.java:103)
       at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:156)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
       at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
       at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
       at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
       at java.security.AccessController.doPrivileged(Native Method)
       at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
       at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
       at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:480)
       at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:420)
       at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:237)
       at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:210)
       at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:151)
       at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:74)
       at org.jboss.ejb.plugins.LogInt
      
      

      It lets me through the web login but the EJB don't seem to have the correct login info, like it's using the wrong security domain or something.
      I have my login-config.xml configured like so:

      <policy>
       <application-policy name="voa-logon">
       <authentication>
       <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required">
       <module-option name="dsJndiName">java:/voaDS</module-option>
       <module-option name="principalsQuery">select password from T_Staff where logonname = ?</module-option>
       <module-option name="rolesQuery">select rtrim(Role), 'Roles' from T_Staff_Roles where logonname = ?</module-option>
       </login-module>
       </authentication>
       </application-policy>
       <application-policy name="fhm-logon">
       <authentication>
       <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required">
       <module-option name="dsJndiName">java:/fhmDS</module-option>
       <module-option name="principalsQuery">select password from T_Staff where logonname = ?</module-option>
       <module-option name="rolesQuery">select rtrim(Role), 'Roles' from T_Staff_Roles where logonname = ?</module-option>
       </login-module>
       </authentication>
       </application-policy>
      



      I have my jboss.xml file configured like so:
      The stuff between the @@ are replaced with the correct info.
      <jboss>
      <security-domain>@jndi.security.domain@</security-domain>
      <enterprise-beans>
      
      <session>
       <ejb-name>LoginEJB</ejb-name>
       <jndi-name>@jndi.ejb.prefix@/LoginEJB</jndi-name>
      </session>
      
      
      <resource-managers>
       <resource-manager res-class="org.jboss.ejb.deployment.JDBCResource">
       <res-name>CortracDB</res-name>
       <res-jndi-name>@jndi.datasource@</res-jndi-name>
       </resource-manager>
      </resource-managers>