3 Replies Latest reply on Jan 9, 2006 11:59 PM by steviej

    exception when using StateManager for message authentication

    jieshengz Jul 19, 2004 7:04 AM

      I am running Jboss 3.2.5. I configured my message queue to use org.jboss.mq.sm.file.DynamicLoginModule for authentication. However I got an exception like this
      EBUG [org.jboss.resource.connectionmanager.CachedConnectionInterceptor] start called in CachedConnectionInterceptor
      2004-07-19 18:43:13,329 ERROR [org.jboss.mq.sm.file.DynamicLoginModule] Failed to load DynamicSecurityManager
      java.lang.ClassCastException
      at org.jboss.mq.sm.file.DynamicLoginModule.initialize(DynamicLoginModule.java:53)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:324)
      at javax.security.auth.login.LoginContext.invoke(LoginContext.java:662)
      at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
      at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
      at java.security.AccessController.doPrivileged(Native Method)
      at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
      at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
      at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:476)
      at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:430)
      at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:246)
      at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:221)
      at org.jboss.mq.security.SecurityManager.authenticate(SecurityManager.java:199)
      at org.jboss.mq.security.ServerSecurityInterceptor.authenticate(ServerSecurityInterceptor.java:51)
      at org.jboss.mq.server.TracingInterceptor.authenticate(TracingInterceptor.java:781)
      at org.jboss.mq.server.JMSServerInvoker.authenticate(JMSServerInvoker.java:287)
      at org.jboss.mq.il.jvm.JVMServerIL.authenticate(JVMServerIL.java:301)

      Is stateManager disabled from authentication in jboss-3.2.5?

      thanks

      • 3438 Views
      • Tags:
        • 1. Re: exception when using StateManager for message authentica
          stephanenicoll Jul 19, 2004 7:26 AM (in response to jieshengz)

          As from 3.2.4, it's using a database to persist subscription instead of the jbossmq-state.xml file.

          Check deploy/jms/ for the class name to use (hsql-jbossmq-state.xml I think).

          Regards,

          Stephane

            • Actions
          • 2. Re: exception when using StateManager for message authentica
            tomhawk
            tomhawk Apr 9, 2005 10:32 AM (in response to jieshengz)

            hello?i had the same problem with you ,if you have find the way .please tell me .my email is :xiehawk@avl.com.cn
            thanks

              • Actions
            • 3. Re: exception when using StateManager for message authentica
              steviej
              steviej Jan 9, 2006 11:59 PM (in response to jieshengz)

              The problem is that the default JMS state manager MBean that is loaded in JBoss 3.2.5 is the HQSL JDBCStateManager (and not the DynamicStateManager, as required). However, you are still able to use the DynamicStateManager (the one which gets its usernames and passwords from conf/jbossmq-state.xml) if you want to.

              Changing the security domain for JBossMQ in login-config.xml to use the DynamicLoginModule isn't enough - you also need to change the loaded state manager MBean.

              So in order to use the DynamicLoginModule in JBoss 3.2.5, you need to follow these steps:

              1) Modify the security domain for JBossMQ in the conf/login-config.xml file to:

              <!-- Security domain for JBossMQ -->
              <application-policy name = "jbossmq">

              <login-module code = "org.jboss.mq.sm.file.DynamicLoginModule" flag = "required">
              <module-option name = "unauthenticatedIdentity">guest</module-option>
              <module-option name = "sm.objectname">jboss.mq:service=StateManager</module-option>
              </login-module>

              </application-policy>

              2) Rename the deploy/jms/hsqldb-jdbc-state-service.xml file to something without the ".xml" extension, so that it is not deployed when the server starts up (something like hsqldb-jdbc-state-service.orig, for example). This
              file contains the configuration which tells JBoss to load the HSQL JDBCStateManager mbean, which you don't want loaded.

              3) Add the following lines to the deply/jms/jbossmq-service.xml file:


              <!-- This file is pulled from the configuration URL of the server -->
              jbossmq-state.xml


              This now loads the DynamicStateManager into the state manager mbean instead,
              which gets around the ClassCastException.

                • Actions