[jboss-user] [Security & JAAS/JBoss] - Got 403 Error with own LoginModule

userand do-not-reply at jboss.com
Wed Nov 22 10:40:50 EST 2006 

Hi,

I need to implement a LoginModule for the JBoss Portal and I got stuck.
By now I use the plain jboss-portal-2.4.0.

The LoginModule is extending the UsernamePasswordLoginModule class and the methods are
called sucessfully.

I wrote some dummy methods to test if all goes well:


  |     protected String getUsersPassword() 
  |         throws LoginException {
  |         
  |         String userName;
  | 
  |         
  |         MyLoginModule.log.info( "getUsersPassword() aufgerufen" );
  |         
  |         userName = this.getUsername();
  |         MyLoginModule.log.info( 
  |                 "getUsersPassword(): Benutzername: " + userName );
  |         
  |         if( userName.equals( "andreas" ) == true )
  |         {
  |             return "pwd_andreas";
  |         }
  |         else
  |         {
  |             return "";
  |         }
  |     }
  | 
  |     protected boolean validatePassword( 
  |             String inputPassword, 
  |             String expected )
  |     {
  |         boolean result;
  |         
  |         
  |         MyLoginModule.log.info( 
  |                 "validatePassword(): [" +
  |                 inputPassword + 
  |                 "] [" +
  |                 expected +
  |                 "]" );
  |         
  |         result = super.validatePassword( inputPassword, expected );
  | 
  |         MyLoginModule.log.info( "validatePassword(): " + result );
  |         return result;
  |     }
  | 
  |     protected Group[] getRoleSets() 
  |         throws LoginException {
  | 
  |         SimpleGroup actGroup[];
  | 
  |         
  |         MyLoginModule.log.info( "getRoleSets(): aufgerufen" );
  |         actGroup = new SimpleGroup[1];
  |         
  |         
  |         actGroup[0] = new SimpleGroup( "Roles" );
  |         actGroup[0].addMember( 
  |                 new SimplePrincipal( "Admin" ) );
  | 
  |         MyLoginModule.log.info( "getRoleSets(): fertig." );
  |         return actGroup;
  |     }
  | 

When I authenticate, I will get an 403 error and the following output in the server logs:

anonymous wrote : 
  | LoginModule Class: de.abracon.jboss.AbraLoginModule
  | ControlFlag: Anmeldemodul-Steuerflag: required
  | Options:
  | 2006-11-22 16:09:40,218 INFO  [de.abracon.jboss.AbraLoginModule] LoginModule instanziiert.
  | 2006-11-22 16:09:40,218 INFO  [de.abracon.jboss.AbraLoginModule] getUsersPassword() aufgerufen
  | 2006-11-22 16:09:40,218 INFO  [de.abracon.jboss.AbraLoginModule] getUsersPassword(): Benutzername: andreas
  | 2006-11-22 16:09:40,218 INFO  [de.abracon.jboss.AbraLoginModule] validatePassword(): [pwd_andreas] [pwd_andreas]
  | 2006-11-22 16:09:40,218 INFO  [de.abracon.jboss.AbraLoginModule] validatePassword(): true
  | 2006-11-22 16:09:40,218 INFO  [de.abracon.jboss.AbraLoginModule] getRoleSets(): aufgerufen
  | 2006-11-22 16:09:40,218 INFO  [de.abracon.jboss.AbraLoginModule] getRoleSets(): fertig.
  | 2006-11-22 16:09:40,234 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] defaultLogin, lc=javax.security.auth.login.LoginContext at 17ea32c, subject=Subject(17484699).principals=org.jboss.security.SimplePrincipal at 27542048(andreas)org.jboss.security.SimpleGroup at 29176256(Roles(members:Admin))
  | 2006-11-22 16:09:40,234 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] updateCache, inputSubject=Subject(17484699).principals=org.jboss.security.SimplePrincipal at 27542048(andreas)org.jboss.security.SimpleGroup at 29176256(Roles(members:Admin)), cacheSubject=Subject(870036).principals=org.jboss.security.SimplePrincipal at 27542048(andreas)org.jboss.security.SimpleGroup at 29176256(Roles(members:Admin))
  | 2006-11-22 16:09:40,234 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] Inserted cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo at 194ccbc[Subject(870036).principals=org.jboss.security.SimplePrincipal at 27542048(andreas)org.jboss.security.SimpleGroup at 29176256(Roles(members:Admin)),credential.class=java.lang.String at 24659469,expirationTime=1164209980203]
  | 2006-11-22 16:09:40,234 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] End isValid, true
  | 2006-11-22 16:09:40,234 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Betreff:
  | 	Principal: andreas
  | 	Principal: Roles(members:Admin)
  | , sc=org.jboss.security.SecurityAssociation$SubjectContext at 16de797{principal=andreas,subject=8366806}
  | 2006-11-22 16:09:40,234 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] getPrincipal, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo at 194ccbc[Subject(870036).principals=org.jboss.security.SimplePrincipal at 27542048(andreas)org.jboss.security.SimpleGroup at 29176256(Roles(members:Admin)),credential.class=java.lang.String at 24659469,expirationTime=1164209980203]
  | 2006-11-22 16:09:40,234 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext at 16de797{principal=andreas,subject=8366806}
  | 2006-11-22 16:09:40,234 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] getUserRoles, subject: Betreff:
  | 	Principal: andreas
  | 	Principal: Roles(members:Admin)
  | 
  | 2006-11-22 16:09:40,234 TRACE [org.jboss.security.SecurityAssociation] clear, server=true
  | 2006-11-22 16:09:40,250 TRACE [org.jboss.security.SecurityAssociation] clear, server=true
  | 2006-11-22 16:16:31,453 DEBUG [org.jboss.resource.connectionmanager.IdleRemover] run: IdleRemover notifying pools, interval: 450000
  | 

Any idea what went wrong ...


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3987918#3987918

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3987918

More information about the jboss-user mailing list