0 Replies Latest reply on Nov 22, 2006 10:40 AM by Horst Pingen

    Got 403 Error with own LoginModule

    Horst Pingen Newbie

      Hi,

      I need to implement a LoginModule for the JBoss Portal and I got stuck.
      By now I use the plain jboss-portal-2.4.0.

      The LoginModule is extending the

      UsernamePasswordLoginModule
      class and the methods are
      called sucessfully.

      I wrote some dummy methods to test if all goes well:

       protected String getUsersPassword()
       throws LoginException {
      
       String userName;
      
      
       MyLoginModule.log.info( "getUsersPassword() aufgerufen" );
      
       userName = this.getUsername();
       MyLoginModule.log.info(
       "getUsersPassword(): Benutzername: " + userName );
      
       if( userName.equals( "andreas" ) == true )
       {
       return "pwd_andreas";
       }
       else
       {
       return "";
       }
       }
      
       protected boolean validatePassword(
       String inputPassword,
       String expected )
       {
       boolean result;
      
      
       MyLoginModule.log.info(
       "validatePassword(): [" +
       inputPassword +
       "] [" +
       expected +
       "]" );
      
       result = super.validatePassword( inputPassword, expected );
      
       MyLoginModule.log.info( "validatePassword(): " + result );
       return result;
       }
      
       protected Group[] getRoleSets()
       throws LoginException {
      
       SimpleGroup actGroup[];
      
      
       MyLoginModule.log.info( "getRoleSets(): aufgerufen" );
       actGroup = new SimpleGroup[1];
      
      
       actGroup[0] = new SimpleGroup( "Roles" );
       actGroup[0].addMember(
       new SimplePrincipal( "Admin" ) );
      
       MyLoginModule.log.info( "getRoleSets(): fertig." );
       return actGroup;
       }
      


      When I authenticate, I will get an 403 error and the following output in the server logs:


      LoginModule Class: de.abracon.jboss.AbraLoginModule
      ControlFlag: Anmeldemodul-Steuerflag: required
      Options:
      2006-11-22 16:09:40,218 INFO [de.abracon.jboss.AbraLoginModule] LoginModule instanziiert.
      2006-11-22 16:09:40,218 INFO [de.abracon.jboss.AbraLoginModule] getUsersPassword() aufgerufen
      2006-11-22 16:09:40,218 INFO [de.abracon.jboss.AbraLoginModule] getUsersPassword(): Benutzername: andreas
      2006-11-22 16:09:40,218 INFO [de.abracon.jboss.AbraLoginModule] validatePassword(): [pwd_andreas] [pwd_andreas]
      2006-11-22 16:09:40,218 INFO [de.abracon.jboss.AbraLoginModule] validatePassword(): true
      2006-11-22 16:09:40,218 INFO [de.abracon.jboss.AbraLoginModule] getRoleSets(): aufgerufen
      2006-11-22 16:09:40,218 INFO [de.abracon.jboss.AbraLoginModule] getRoleSets(): fertig.
      2006-11-22 16:09:40,234 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] defaultLogin, lc=javax.security.auth.login.LoginContext@17ea32c, subject=Subject(17484699).principals=org.jboss.security.SimplePrincipal@27542048(andreas)org.jboss.security.SimpleGroup@29176256(Roles(members:Admin))
      2006-11-22 16:09:40,234 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] updateCache, inputSubject=Subject(17484699).principals=org.jboss.security.SimplePrincipal@27542048(andreas)org.jboss.security.SimpleGroup@29176256(Roles(members:Admin)), cacheSubject=Subject(870036).principals=org.jboss.security.SimplePrincipal@27542048(andreas)org.jboss.security.SimpleGroup@29176256(Roles(members:Admin))
      2006-11-22 16:09:40,234 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] Inserted cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@194ccbc[Subject(870036).principals=org.jboss.security.SimplePrincipal@27542048(andreas)org.jboss.security.SimpleGroup@29176256(Roles(members:Admin)),credential.class=java.lang.String@24659469,expirationTime=1164209980203]
      2006-11-22 16:09:40,234 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] End isValid, true
      2006-11-22 16:09:40,234 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Betreff:
      Principal: andreas
      Principal: Roles(members:Admin)
      , sc=org.jboss.security.SecurityAssociation$SubjectContext@16de797{principal=andreas,subject=8366806}
      2006-11-22 16:09:40,234 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] getPrincipal, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@194ccbc[Subject(870036).principals=org.jboss.security.SimplePrincipal@27542048(andreas)org.jboss.security.SimpleGroup@29176256(Roles(members:Admin)),credential.class=java.lang.String@24659469,expirationTime=1164209980203]
      2006-11-22 16:09:40,234 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext@16de797{principal=andreas,subject=8366806}
      2006-11-22 16:09:40,234 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] getUserRoles, subject: Betreff:
      Principal: andreas
      Principal: Roles(members:Admin)

      2006-11-22 16:09:40,234 TRACE [org.jboss.security.SecurityAssociation] clear, server=true
      2006-11-22 16:09:40,250 TRACE [org.jboss.security.SecurityAssociation] clear, server=true
      2006-11-22 16:16:31,453 DEBUG [org.jboss.resource.connectionmanager.IdleRemover] run: IdleRemover notifying pools, interval: 450000


      Any idea what went wrong ...