[jboss-user] [Security & JAAS/JBoss] - DatabaseServerLoginModule configuration problem
basy
do-not-reply at jboss.com
Tue Aug 8 14:03:31 EDT 2006
Hi...
I'm using JBoss 4.0.3 and I have problems with turning on JBoss security DatabaseServerLoginModule.
I use JBoss for processing EJB remote methods using JNDI.
ejb-jar.xml:
<session >
| <display-name>MyEJB</display-name>
| <ejb-name>MyEJB</ejb-name>
|
| <home>myPackage.MyEJB</home>
| <remote>myPackage.remote.MyEJB</remote>
| <local-home>myPackage.home.MyEJBHome</local-home>
| <local>myPackage.home.MyEJBLocal</local>
| <ejb-class>myPackage.MyEJBBean</ejb-class>
| <session-type>Stateless</session-type>
| <transaction-type>Container</transaction-type>
| </session>
jboss.xml:
<jboss>
| <security-domain>java:/jaas/xxx</security-domain>
| <enterprise-beans>
| <session>
| <ejb-name>MyEJB</ejb-name>
| <jndi-name>ejb/MyEJB</jndi-name>
| <local-jndi-name>MyEJBLocal</local-jndi-name>
| <method-attributes>
| </method-attributes>
| </session>
| ...
When the JBoss is running and I try to create LoginContext from my Eclipse project:
public static void main(String[] args) {
| AppCallbackHandler handler = new AppCallbackHandler("username","password".toCharArray());
| System.setProperty("java.security.auth.login.config", PATH+"/auth.conf");
| LoginContext lc;
| try {
| lc = new LoginContext("xxx", handler);
| lc.login();
| ...
|
The program fails on new LoginContext("xxx", handler);
javax.security.auth.login.LoginException: unable to find LoginModule class: org.jboss.security.auth.spi.DatabaseServerLoginModule
| at javax.security.auth.login.LoginContext.invoke(LoginContext.java:808)
| at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
| at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
| at java.security.AccessController.doPrivileged(Native Method)
| at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
| at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
|
Do I have to include any jars to my project class path?
I have included jaas.jar, and jbossall-client.jar...
When I try to include jbosssx.jar into my project class path I recive:
javax.security.auth.login.LoginException: java.lang.NoClassDefFoundError:
|
| org/jboss/system/ServiceMBeanSupport
| at java.lang.ClassLoader.defineClass1(Native Method)
| at java.lang.ClassLoader.defineClass(ClassLoader.java:620)
| at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:124)
| at java.net.URLClassLoader.defineClass(URLClassLoader.java:260)
| at java.net.URLClassLoader.access$100(URLClassLoader.java:56)
| at java.net.URLClassLoader$1.run(URLClassLoader.java:195)
Can anybody help my to resolve this problem please?
My auth.conf:
xxx
| {
| org.jboss.security.ClientLoginModule required;
| org.jboss.security.auth.spi.DatabaseServerLoginModule required
| unauthenticatedIdentity="guest"
| dsJndiName ="java:/MySQLDS"
| principalsQuery="SELECT PASS FROM USERS WHERE LOGIN=?"
| rolesQuery="SELECT ROLE, ROLE_GROUP FROM USER_ROLES WHERE PRINCIPAL =?"
| ;
| };
|
| client-login
| {
| org.jboss.security.ClientLoginModule required;
| };
|
| other
| {
| org.jboss.security.ClientLoginModule required;
| };
login-config.xml:
<application-policy name = "xxx">
| <authentication>
| <login-module code = "org.jboss.security.ClientLoginModule" flag = "required">
| </login-module>
| <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required">
| <module-option name = "unauthenticatedIdentity">guest</module-option>
| <module-option name = "dsJndiName">java:/MySQLDS</module-option>
| <module-option name = "principalsQuery">SELECT PASS FROM USERS WHERE LOGIN=?</module-option>
| <module-option name = "rolesQuery">SELECT ROLE, ROLE_GROUP FROM USER_ROLES WHERE PRINCIPAL =?</module-option>
| </login-module>
| </authentication>
| </application-policy>
|
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3963876#3963876
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3963876
More information about the jboss-user
mailing list