4 Replies Latest reply on Feb 22, 2008 7:22 AM by Stefan Siebel

    Jboss is always using UserRolesLoginModule instead of Client

    Stefan Siebel Newbie

      Hi,

      i'm currently trying to use the ClientLoginModule in Jboss 4.2.1 in a JSF based WebApp.

      I'm passing -Djava.security.auth.login.config==C:/auth.conf to the VM when starting the jboss app server.

      auth.conf looks like this:

      mylogin {
       org.jboss.security.ClientLoginModule required;
      };
      


      In my login Bean i'm creating a new login context like this:

      final CallbackHandler cbHandler = new MyCallBackHandler(username, password.toCharArray(), clientId);
      LoginContext loginContext = new LoginContext("mylogin", cbHandler);
      loginContext.login();
      


      The last line produces this error output on the console:

      10:04:18,466 ERROR [UsersRolesLoginModule] Failed to load users/passwords/role files
      java.io.IOException: No properties file: users.properties or defaults: defaultUsers.properties found
       at org.jboss.security.auth.spi.Util.loadProperties(Util.java:315)
       at org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:186)
       at org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:200)
       at org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:127)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
       at java.lang.reflect.Method.invoke(Unknown Source)
       at javax.security.auth.login.LoginContext.invoke(Unknown Source)
       at javax.security.auth.login.LoginContext.access$000(Unknown Source)
       at javax.security.auth.login.LoginContext$4.run(Unknown Source)
       at java.security.AccessController.doPrivileged(Native Method)
       at javax.security.auth.login.LoginContext.invokePriv(Unknown Source)
       at javax.security.auth.login.LoginContext.login(Unknown Source)
      
      (...)
      


      Can somebody help me with this? I read quite a lot of documentation and tutorials about that topic since yesterday but somehow don't get the point...

      br,
      Stefan