0 Replies Latest reply on Mar 2, 2005 4:48 AM by Luca Iacono

    Invalid Authentication attempt

    Luca Iacono Newbie

      Hi there,

      I have been trying to connect JBoss 3.0.4 to Oracle 9.2.0.1but the AS keeps on throwing the following exception during the deploy of ejb's:
      java.lang.SecurityException: Invalid authentication attempt: principal=null.
      I'd be grateful if someone could shed some light on this.
      for your reference you shall find oracle-service.xml login-config.xml

      oracle-service.xml

      <?xml version="1.0" encoding="UTF-8"?>
      <server>
       ==================================================================== -->
      
       <!-- ConnectionManager setup for Oracle dbs -->
      
       <!-- Build jmx-api (build/build.sh all) and view for config documentation -->
      
       <!-- Thanks to Steven Coy -->
      
       <!-- ==================================================================== -->
      
       <mbean code="org.jboss.resource.connectionmanager.LocalTxConnectionManager" name="jboss.jca:service=LocalTxCM,name=OracleDS">
       <attribute name="SecurityDomainJndiName">OracleDbRealm</attribute>
       <depends optional-attribute-name="ManagedConnectionFactoryName">
       <!--embedded mbean-->
       <mbean code="org.jboss.resource.connectionmanager.RARDeployment" name="jboss.jca:service=LocalTxDS,name=OracleDS">
       <attribute name="JndiName">EnacDS</attribute>
       <attribute name="ManagedConnectionFactoryProperties">
       <properties>
       <config-property name="ConnectionURL" type="java.lang.String">jdbc:oracle:thin:@10.0.0.107:1521:GESTELDB</config-property>
       <config-property name="DriverClass" type="java.lang.String">oracle.jdbc.driver.OracleDriver</config-property>
       <!--set these only if you want only default logins, not through JAAS -->
       <config-property name="UserName" type="java.lang.String">ENACSA</config-property>
       <config-property name="Password" type="java.lang.String">ENACSA</config-property>
       </properties>
       </attribute>
      <!--Below here are advanced properties -->
       <!--hack-->
       <depends optional-attribute-name="OldRarDeployment">jboss.jca:service=RARDeployment,name=JBoss LocalTransaction JDBC Wrapper</depends>
       </mbean>
       </depends>
       <depends optional-attribute-name="ManagedConnectionPool">
       <!--embedded mbean-->
       <mbean code="org.jboss.resource.connectionmanager.JBossManagedConnectionPool" name="jboss.jca:service=LocalTxPool,name=OracleDS">
       <attribute name="MinSize">0</attribute>
       <attribute name="MaxSize">101</attribute>
       <attribute name="BlockingTimeoutMillis">5000</attribute>
       <attribute name="IdleTimeoutMinutes">5</attribute>
       <attribute name="Criteria">ByContainer</attribute>
       </mbean>
       </depends>
       <depend> optional-attribute-name="CachedConnectionManager">jboss.jca:service=CachedConnectionManager</depends>
       <depends optional-attribute-name="JaasSecurityManagerService">jboss.security:service=JaasSecurityManager</depends>
       <attribute name="TransactionManager">java:/TransactionManager</attribute>
       <!--make the rar deploy! hack till better deployment-->
       <depends>jboss.jca:service=RARDeployer</depends>
       </mbean>
      </server>
      

      login-config.xml
      <policy>
       <!-- Used by clients within the application server VM such as
       mbeans and servlets that access EJBs.
       -->
       <application-policy name = "client-login">
       <authentication>
       <login-module code = "org.jboss.security.ClientLoginModule"
       flag = "required">
       </login-module>
       </authentication>
       </application-policy>
       <!-- Security domain for JBossMQ -->
       <application-policy name = "jbossmq">
       <authentication>
       <login-module code = "org.jboss.mq.sm.file.DynamicLoginModule" flag = "required">
       <module-option name = "unauthenticatedIdentity">guest</module-option>
       <module-option name = "sm.objectnam">jboss.mq:service=StateManager</module-option>
       </login-module>
       </authentication>
       </application-policy>
       <!-- Security domains for testing new jca framework -->
       <application-policy name = "HsqlDbRealm">
       <authentication>
       <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
      
       flag = "required">
       <module-option name = "principal">sa</module-option>
       <module-option name = "userName">sa</module-option>
       <module-option name = "password"></module-option>
       <module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=hsqldbDS</module-option>
       </login-module>
       </authentication>
       </application-policy>
       <application-policy name = "FirebirdDBRealm">
       <authentication>
       <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
       flag = "required">
       <module-option name = "principal">sysdba</module-option>
       <module-option name = "userName">sysdba</module-option>
       <module-option name = "password">masterkey</module-option>
       <module-option name = "managedConnectionFactoryName">jboss.jca:service=XaTxCM,name=FirebirdDS</module-option>
       </login-module>
       </authentication>
       </application-policy>
       <application-policy name = "JmsXARealm">
       <authentication>
       <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
       flag = "required">
       <module-option name = "principal">guest</module-option>
       <module-option name = "userName">guest</module-option>
       <module-option name = "password">guest</module-option>
       <module-option name = "managedConnectionFactoryName">jboss.jca:service=XaTxCM,name=jmsra</module-option>
       </login-module>
       </authentication>
       </application-policy>
       <application-policy name = "OracleDbRealm">
       <authentication>
       <!-- <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule" flag = "required"> -->
       <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required">
       <module-option name = "dsJndiName">java:/EnacDS</module-option>
       <module-option name = "principalsQuery">select PWD from ACCOUNT where USERNAME=? And ISELIMINATO = FALSE</module-option>
       <module-option name = "rolesQuery">select PROFILO, PROFILO from ACCOUNT where USERNAME=?</module-option>
       <module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=OracleDS</module-option>
       </login-module>
       </authentication>
       </application-policy>
       <!-- The default login configuration used by any security domain that
       does not have a application-policy entry with a matching name
       -->
       <application-policy name = "other">
       <authentication>
       <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
       flag = "required" />
       </authentication>
       </application-policy>
       </policy>
      

      and just the beginning of bosscmp-jdbc.xml
      <jbosscmp-jdbc>
       <defaults>
       <datasource>java:/EnacDS</datasource>
       <datasource-mapping>Oracle8</datasource-mapping>
       <create-table>true</create-table>
       <remove-table>false</remove-table>
       <read-only>false</read-only>
       <pk-constraint>true</pk-constraint>
       <preferred-relation-mapping>foreign-key</preferred-relation-mapping>
       <read-ahead>
       <strategy>on-load</strategy>
       <page-size>253</page-size>
       <eager-load-group>*</eager-load-group>
       </read-ahead>
       <!-- <list-cache-max>1000</list-cache-max> -->
       </defaults>
       <enterprise-beans>
      ,,,
      

      here is the exception:

      2005-03-01 15:25:37,360 WARN [org.jboss.system.ServiceController] Problem starting service jboss.j2ee:jndiName=Recapito,service=EJB
      java.lang.SecurityException: Invalid authentication attempt, principal=null


      your help will be much appreciated.
      thanks
      luca