1 Reply Latest reply on Oct 18, 2007 11:34 AM by Heiko Dähn

    Need help with DatabaseServerLoginModule!

    Heiko Dähn Newbie

      Hi all,

      first I used the org.jboss.security.auth.spi.UsersRolesLoginModule for the authentification of my EJB3 and it works fine,
      but now I have to look in my database instead of looking in a properties-file.

      Here is my entry in the login-config.xml:

      <application-policy name = "dbsecuritytest">
       <authentication>
       <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
       flag = "required">
       <module-option name = "unauthenticatedIdentity">anonymos</module-option>
       <module-option name = "dsJndiName">java:/testDB</module-option>
       <module-option name = "principalsQuery">SELECT PASSWORD FROM USERS WHERE USERID=?</module-option>
       <module-option name = "rolesQuery">SELECT 'user' as role, 'Roles' as roles FROM USERS WHERE USERID=?</module-option>
       </login-module>
       </authentication>
       </application-policy>
      


      And in my Bean I say

      @Stateless
      @SecurityDomain("dbsecuritytest")
      public class MyBean
      
      [...]
      
      
      public doSomething(){
       ....
      }



      I monitor my DB and I can see the first statement:
      SELECT PASSWORD FROM USERS WHERE USERID='abc'.

      But then comes this Exception:

      Exception in thread "main" javax.ejb.EJBAccessException: Authentication failure
       at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.handleGeneralSecurityException(Ejb3AuthenticationInterceptor.java:68)
       at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:70)
       at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.invoke(Ejb3AuthenticationInterceptor.java:106)
       at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
       at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:46)
       at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
       at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106)
       at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
       at org.jboss.ejb3.stateless.StatelessContainer.dynamicInvoke(StatelessContainer.java:278)
       at org.jboss.aop.Dispatcher.invoke(Dispatcher.java:106)
       at org.jboss.aspects.remoting.AOPRemotingInvocationHandler.invoke(AOPRemotingInvocationHandler.java:82)
       at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:734)
       at org.jboss.remoting.transport.socket.ServerThread.processInvocation(ServerThread.java:560)
       at org.jboss.remoting.transport.socket.ServerThread.dorun(ServerThread.java:369)
       at org.jboss.remoting.transport.socket.ServerThread.run(ServerThread.java:165)
       at org.jboss.remoting.MicroRemoteClientInvoker.invoke(MicroRemoteClientInvoker.java:163)
       at org.jboss.remoting.Client.invoke(Client.java:1550)
       at org.jboss.remoting.Client.invoke(Client.java:530)
       at org.jboss.aspects.remoting.InvokeRemoteInterceptor.invoke(InvokeRemoteInterceptor.java:62)
       at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
       at org.jboss.aspects.tx.ClientTxPropagationInterceptor.invoke(ClientTxPropagationInterceptor.java:61)
       at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
       at org.jboss.aspects.security.SecurityClientInterceptor.invoke(SecurityClientInterceptor.java:53)
       at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
       at org.jboss.ejb3.remoting.IsLocalInterceptor.invoke(IsLocalInterceptor.java:72)
       at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
       at org.jboss.ejb3.stateless.StatelessRemoteProxy.invoke(StatelessRemoteProxy.java:103)
       at $Proxy0.doSomething(Unknown Source)
      


      What is here wrong ?
      Can anybody help me?

      Thx