3 Replies Latest reply on Dec 17, 2008 12:21 PM by Nicholas Sayer

    JBoss datasource encryption

    expired expired Newbie

      We're running JBoss 4.0.5 (Windows in development, Linux in production), and I'm trying to encrypt a datasource password using our own algorithm, using this as a reference:
      http://wiki.jboss.org/wiki/EncryptingDataSourcePasswords

      I've been able to get this to work using the standard JBoss SecureIdentityLoginModule with an encrypted password. But I have not been able to tie in a custom algorithm.

      I've changed the datasource.xml file to add the security domain:

      <security-domain>EncryptDBPassword</security-domain>


      and added the policy to login-config.xml:
      <application-policy name="EncryptDBPassword">
       <authentication>
       <login-module code="org.jboss.resource.security.SecureCustomLoginModule" flag="required">
       <module-option name="username">admin</module-option>
       <module-option name="password">-207a6df87216de44</module-option>
       <module-option name="managedConnectionFactoryName">jboss.jca:name=PostgresDS,service=LocalTxCM</module-option>
       </login-module>
       </authentication>
      </application-policy>


      I've then written my own SecureCustomLoginModule, which at this point is identical to SecureIdentityLoginModule, extending AbstractPasswordCredentialLoginModule. I keep it packaged in org.jboss.resource.security to it has access to the JBoss classes (like SubjectActions) and packaged it in a separate jar in the deploy folder.

      But without even changing the encryption logic, JBoss will not authenticate when I use a custom security module. The code is the same, it just points to a different class.

      Is there an example of a working or recommended implementation of this? A requirement here is to use our own encryption algorithm and custom key.

      Errors follow below.

      Thanks to anyone who can help!

      error:
      State: FAILED
       Reason: java.lang.SecurityException: Invalid authentication attempt, principal=null
      
      java.lang.SecurityException: Invalid authentication attempt, principal=null
       at org.jboss.resource.connectionmanager.BaseConnectionManager2.getSubject(BaseConnectionManager2.java:572)
       at org.jboss.resource.connectionmanager.BaseConnectionManager2.allocateConnection(BaseConnectionManager2.java:378)
       at org.jboss.resource.connectionmanager.BaseConnectionManager2$ConnectionManagerProxy.allocateConnection(BaseConnectionManager2.java:812)
       at org.jboss.resource.adapter.jdbc.WrapperDataSource.getConnection(WrapperDataSource.java:88)
       at org.jboss.ejb.plugins.cmp.jdbc.SQLUtil.fixTableName(SQLUtil.java:173)
       at org.jboss.ejb.plugins.cmp.jdbc.bridge.JDBCEntityBridge.init(JDBCEntityBridge.java:157)
       at org.jboss.ejb.plugins.cmp.jdbc.JDBCStoreManager.initStoreManager(JDBCStoreManager.java:435)
       at org.jboss.ejb.plugins.cmp.jdbc.JDBCStoreManager.start(JDBCStoreManager.java:368)
       at org.jboss.ejb.plugins.CMPPersistenceManager.start(CMPPersistenceManager.java:172)
       at org.jboss.ejb.EntityContainer.startPmAndInterceptors(EntityContainer.java:1063)
       at org.jboss.ejb.EjbModule.startService(EjbModule.java:422)


      (If I switch back to the SecureIdentityLoginModule then everything works fine)

        • 1. Re: JBoss datasource encryption
          Nicholas Sayer Newbie

          I am trying to do the exact same thing and having the exact same problem. Not only is the exception completely useless, but there's no other logging taking place. Even putting system.err.println() tombstones in the code for my custom login module doesn't work. It's as if it can't find the class and decides that the 'principal=null' error is a helpful message to provide. Not.

          • 2. Re: JBoss datasource encryption
            Nicholas Sayer Newbie

            So it appears that the issue is that there is some sort of security code in or near SubjectActions that prevents our custom class from using it. Even if we actually shove our class directly into jboss-jca.jar, we still get the same error, so it's not a classloader issue.

            Of course, the actual call to decrypt the code is inside commit(), which requires you to horse around with SubjectAction.

            The actual decryption is quite nicely encapsulated in the decode() method.

            Which is private instead of protected.

            AAARRRGGGHHHH!!!!!!!!!!!!

            javax.security.auth.login.LoginException: java.lang.IllegalAccessError: tried to access class org.jboss.resource.security.SubjectActions from class org.jboss.resource.security.SSNIdentityLoginModule
             at org.jboss.resource.security.SSNIdentityLoginModule.commit(SSNIdentityLoginModule.java:62)
             at sun.reflect.GeneratedMethodAccessor87.invoke(Unknown Source)
             at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
             at java.lang.reflect.Method.invoke(Method.java:585)
             at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
             at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
             at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
             at java.security.AccessController.doPrivileged(Native Method)
             at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
             at javax.security.auth.login.LoginContext.login(LoginContext.java:580)
             at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:603)
             at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:537)
             at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344)
             at org.jboss.resource.connectionmanager.BaseConnectionManager2.getSubject(BaseConnectionManager2.java:594)





            • 3. Re: JBoss datasource encryption
              Nicholas Sayer Newbie

              I worked around this by extending ConfiguredIdentityLoginModule. I overrode initialize to create a new options Map from the old one, but with the password decrypted, then call super.initialize().