[jboss-user] [Security & JAAS/JBoss] - Re: Programmatic Login Advice

pander do-not-reply at jboss.com
Tue Dec 5 12:28:54 EST 2006 

OK,

One of the "Admins" is bound to know what this is given this TRACE output.

Here is where you can clearly see that the programmatic login is working. It's calling my DBLoginModule, then calling the ClientLoginModule and finally forwarding to the user's homepage.


  | 2006-12-05 16:58:39,703 INFO  [cc.livewire.jboss.login.DBLoginModule] Entering DBLoginModule !!!!!!!!!!!!!!!!!!!!!!!!!!!!
  | 2006-12-05 16:58:39,705 INFO  [cc.livewire.jboss.login.DBLoginModule] Logged in user paul OK !!
  | 2006-12-05 16:58:39,705 INFO  [cc.livewire.jboss.login.DBLoginModule] SESSION_ID:CC617D5EB33DDF849FCCE011CC7F2661
  | 2006-12-05 16:58:39,725 TRACE [org.jboss.security.ClientLoginModule] Security domain: AMIRealm
  | 2006-12-05 16:58:39,725 TRACE [org.jboss.security.ClientLoginModule] Enabling restore-login-identity mode
  | 2006-12-05 16:58:39,725 TRACE [org.jboss.security.ClientLoginModule] Enabling useFirstPass mode
  | 2006-12-05 16:58:39,725 TRACE [org.jboss.security.ClientLoginModule] Begin login
  | 2006-12-05 16:58:39,728 TRACE [org.jboss.security.ClientLoginModule] commit, subject=Subject:
  |         Principal: paul
  |         Principal: Roles(members:ami.reseller)
  | 
  | 2006-12-05 16:58:39,728 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject:
  |         Principal: paul
  |         Principal: Roles(members:ami.reseller)
  | , sc=org.jboss.security.SecurityAssociation$SubjectContext at 1e13ce3{principal=,subject=6592395}
  | 2006-12-05 16:58:39,728 INFO  [org.apache.jsp.test_jsp] Got past the login call !!.....
  | 2006-12-05 16:58:39,729 DEBUG [org.apache.catalina.core.ApplicationDispatcher] servletPath=/homePage.do, pathInfo=null, queryString=null, name=null
  | 2006-12-05 16:58:39,729 DEBUG [org.apache.catalina.core.ApplicationDispatcher]  Path Based Forward

However, the next click that is made shows some strange things in the server log. It's like the ClientLoginModule never passed on any details at all as when I click on the Logindetails.do?action=change link it automatically is refering me to login.jsp and booting me back to the login page.


  | 2006-12-05 17:05:50,400 DEBUG [org.apache.catalina.connector.CoyoteAdapter]  Requested cookie session id is CC617D5EB33DDF849FCCE011CC7F2661
  | 2006-12-05 17:05:50,401 DEBUG [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] Process request for '/AMI/LoginDetails.do'
  | 2006-12-05 17:05:50,401 DEBUG [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]  Checking for SSO cookie
  | 2006-12-05 17:05:50,401 DEBUG [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]  SSO cookie is not present
  | 2006-12-05 17:05:50,401 TRACE [org.jboss.web.tomcat.security.FormAuthValve] Enter, j_username=null
  | 2006-12-05 17:05:50,401 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Security checking request GET /AMI/LoginDetails.do
  | 2006-12-05 17:05:50,401 DEBUG [org.apache.catalina.realm.RealmBase]   Checking constraint 'SecurityConstraint[Secure Content]' against GET /LoginDetails.do --> true
  | 2006-12-05 17:05:50,401 DEBUG [org.apache.catalina.realm.RealmBase]   Checking constraint 'SecurityConstraint[Secure Content]' against GET /LoginDetails.do --> true
  | 2006-12-05 17:05:50,401 DEBUG [org.apache.catalina.realm.RealmBase]   Checking constraint 'SecurityConstraint[Secure Content]' against GET /LoginDetails.do --> true
  | 2006-12-05 17:05:50,401 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase]  Calling hasUserDataPermission()
  | 2006-12-05 17:05:50,401 DEBUG [org.apache.catalina.realm.RealmBase]   User data constraint already satisfied
  | 2006-12-05 17:05:50,401 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase]  Calling authenticate()
  | 2006-12-05 17:05:50,401 DEBUG [org.apache.catalina.authenticator.FormAuthenticator] Save request in session 'CC617D5EB33DDF849FCCE011CC7F2661'
  | 2006-12-05 17:05:50,402 DEBUG [org.apache.catalina.core.ApplicationDispatcher] servletPath=/login.jsp, pathInfo=null, queryString=null, name=null
  | 2006-12-05 17:05:50,402 DEBUG [org.apache.catalina.core.ApplicationDispatcher]  Path Based Forward
  | 2006-12-05 17:05:50,402 TRACE [org.jboss.web.tomcat.security.RunAsListener] jsp, runAs: null
  | 2006-12-05 17:05:50,402 TRACE [org.jboss.web.tomcat.security.RunAsListener] jsp, runAs: null
  | 2006-12-05 17:05:50,409 TRACE [org.jboss.web.tomcat.security.RunAsListener] jsp, runAs: null
  | 2006-12-05 17:05:50,409 TRACE [org.jboss.web.tomcat.security.RunAsListener] jsp, runAs: null
  | 2006-12-05 17:05:50,409 DEBUG [org.apache.catalina.core.ApplicationDispatcher]  Disabling the response for futher output
  | 2006-12-05 17:05:50,409 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase]  Failed authenticate() test
  | 2006-12-05 17:05:50,409 TRACE [org.jboss.web.tomcat.security.FormAuthValve] SessionID: CC617D5EB33DDF849FCCE011CC7F2661
  | 2006-12-05 17:05:50,409 TRACE [org.jboss.web.tomcat.security.FormAuthValve] SecurityAssociation.exception: null
  | 2006-12-05 17:05:50,409 TRACE [org.jboss.web.tomcat.security.FormAuthValve] Exit, username: null
  | 2006-12-05 17:05:50,409 TRACE [org.jboss.security.SecurityAssociation] clear, server=true
  | 

Surely this must be enough info for someone to have a clue as to what the problem is?

Here's hoping.
Kind Regards,
Paul.



View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3991381#3991381

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3991381

More information about the jboss-user mailing list