0 Replies Latest reply on Nov 21, 2007 10:32 AM by Martin Ganserer

    Remote JNDI lookup over http username propagation

    Martin Ganserer Novice

      Hi,

      I am trying to get an application working that communicates between JBOSS server and a client via HTTP. Basically this works fine. But now I am facing a problem.
      I want to secure the JNDI lookup by using the default security constraint defined in the web.xml of the invoker.war in the http-invoker.sar.
      But when my java client tries to make a look up following error message appears in the server log:

      Code:

      2007-07-24 16:42:03,612 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Loaded properties,
       users=[user, timerecorder]
      2007-07-24 16:42:03,612 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Loaded properties,
       users=[timerecorder]
      2007-07-24 16:42:03,612 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Bad password for u
      sername=null
      2007-07-24 16:42:03,612 DEBUG [org.jboss.ejb3.security.Ejb3AuthenticationInterceptor] Authentication
       failure
      javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required




      This is strange as my client provides proper credentials!

      Code:

      env.put(InitialContext.PROVIDER_URL, "http://myhost/invoker/restricted/JNDIFactory");
      env.put(InitialContext.INITIAL_CONTEXT_FACTORY, "org.jboss.naming.HttpNamingContextFactory");
      env.put(InitialContext.SECURITY_PRINCIPAL, "username");
      env.put(InitialContext.SECURITY_CREDENTIALS, "password");
      env.put("java.naming.factory.url.pkgs", "org.jboss.naming:org.jnp.interfaces");
      
      try
      {
       ctx = new InitialContext(env);
      }
      catch (NamingException e1)
      {
       e1.printStackTrace();
      }
      



      The LoginModule seams to be correct as it works when I use
      org.jboss.security.jndi.JndiLoginInitialContextFactory for example!

      Do I miss something?