1 Reply Latest reply on Feb 5, 2007 3:11 PM by jaikiran pai

    Using DatabaseServerLoginModule not effect ? Please help me.

    LeQuoc Thai Novice

      Hi all !
      I create my database by MySQL on the server side called "MyDB".
      My login-config.xml:
      .....
      <application-policy name="DB-Domain">
      ....
      <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
      <module-option name="dsJndiName">java:jdbc/MyDB</module-option>
      <module-option name="principalsQuery">
      select passwd from Users where username=?</module-option>
      <module-option name="rolesQuery">
      select userRoles, roleGroups from UserRoles where username=?</module-option>
      </login-module>
      ...
      And my jboss.xml:

      <security-domain>DB-Domain</security-domain>

      On the client side, I use ClientLoginModule. But when I enter username and password. I receive some messages:
      ----
      javax.ejb.EJBAccessException: Authentication failure
      at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.handleGeneralSecurityException(Ejb3AuthenticationInterceptor.java:99)
      at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:70)
      at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.invoke(Ejb3AuthenticationInterceptor.java:131)
      at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
      at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:47)
      at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
      at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106)
      at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
      at org.jboss.ejb3.stateless.StatelessContainer.dynamicInvoke(StatelessContainer.java:263)
      at org.jboss.aop.Dispatcher.invoke(Dispatcher.java:106)
      at org.jboss.aspects.remoting.AOPRemotingInvocationHandler.invoke(AOPRemotingInvocationHandler.java:82)
      at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:828)
      at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:681)
      at org.jboss.remoting.transport.socket.ServerThread.processInvocation(ServerThread.java:358)
      at org.jboss.remoting.transport.socket.ServerThread.dorun(ServerThread.java:398)
      at org.jboss.remoting.transport.socket.ServerThread.run(ServerThread.java:239)
      Caused by: javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
      at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:213)
      at org.jboss.security.auth.spi.UsersRolesLoginModule.login(UsersRolesLoginModule.java:152)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:585)
      at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
      at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
      at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
      at java.security.AccessController.doPrivileged(Native Method)
      at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
      at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
      at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:601)
      at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:535)
      at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344)
      at org.jboss.aspects.security.AuthenticationInterceptor.authenticate(AuthenticationInterceptor.java:123)
      at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:66)
      at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.invoke(Ejb3AuthenticationInterceptor.java:131)
      at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
      at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:47)
      at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
      at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106)
      at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
      at org.jboss.ejb3.stateless.StatelessContainer.dynamicInvoke(StatelessContainer.java:263)
      at org.jboss.aop.Dispatcher.invoke(Dispatcher.java:106)
      at org.jboss.aspects.remoting.AOPRemotingInvocationHandler.invoke(AOPRemotingInvocationHandler.java:82)
      at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:828)
      at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:681)
      at org.jboss.remoting.transport.socket.ServerThread.processInvocation(ServerThread.java:358)
      at org.jboss.remoting.transport.socket.ServerThread.dorun(ServerThread.java:398)
      at org.jboss.remoting.transport.socket.ServerThread.run(ServerThread.java:239)
      at org.jboss.remoting.RemoteClientInvoker.invoke(RemoteClientInvoker.java:190)
      at org.jboss.remoting.Client.invoke(Client.java:525)
      at org.jboss.remoting.Client.invoke(Client.java:488)
      at org.jboss.aspects.remoting.InvokeRemoteInterceptor.invoke(InvokeRemoteInterceptor.java:41)
      at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:88)
      at org.jboss.aspects.tx.ClientTxPropagationInterceptor.invoke(ClientTxPropagationInterceptor.java:46)
      at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:88)
      at org.jboss.aspects.security.SecurityClientInterceptor.invoke(SecurityClientInterceptor.java:40)
      at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:88)
      at org.jboss.ejb3.remoting.IsLocalInterceptor.invoke(IsLocalInterceptor.java:77)
      at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:88)
      at org.jboss.ejb3.stateless.StatelessRemoteProxy.invoke(StatelessRemoteProxy.java:102)
      at $Proxy0.printS(Unknown Source)
      at client.security.Client.main(Client.java:43)
      ----
      have any idea ?Thanks.

        • 1. Re: Using DatabaseServerLoginModule not effect ? Please help
          jaikiran pai Master

           

          Caused by: javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
          at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:213)
          at org.jboss.security.auth.spi.UsersRolesLoginModule.login
          (UsersRolesLoginModule.java:152)


          The exception stacktrace shows that it is using UsersRolesLoginModule(which looks for users.properties/roles.properties in the classpath) instead of the DB-Domain (Database loginmodule). Looks like its ignoring the entry in the jboss.xml or there might be something wrong in the login-config.xml. Can you post the entire contents of both these files? (Remember to wrap the contents in a code block using the Code button while posting). Also can you post the trace level log of jboss security package (Look at Q4 at http://wiki.jboss.org/wiki/Wiki.jsp?page=SecurityFAQ to see how the logs can be enabled)