[jboss-user] [Security & JAAS/JBoss] - Re: Invoke secured EJB from standalone Tomcat
craig1980
do-not-reply at jboss.com
Thu Oct 2 13:02:11 EDT 2008
Hi.
First of all thnx for you help.
I'm trying to understand what happens.
I have created a simple Java class who calls my secured EJB; i have added under my class-path all the client jars needed (jbossall-client.jar) and i creted my jaas.config file in this way:
| danetworkflow {
| org.jboss.security.ClientLoginModule required;
| };
|
I can successfull invoke my secured EJB; from the log i have:
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin isValid, principal:ML, cache info: null
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] defaultLogin, principal=ML
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin getAppConfigurationEntry(wfdemopluto), size=11
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] getAppConfigurationEntry(wfdemopluto), no entry in appConfigs, tyring parentCont: null
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] getAppConfigurationEntry(wfdemopluto), no entry in parentConfig, trying: other
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End getAppConfigurationEntry(wfdemopluto), authInfo=AppConfigurationEntry[]:
| [0]
| LoginModule Class: org.jboss.security.auth.spi.UsersRolesLoginModule
| ControlFlag: LoginModuleControlFlag: required
| Options:
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] initialize, instance=@32141780
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] findResource: null
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Properties file=file:/C:/Programmi/jboss-4.0.4.GA/server/default/conf/users.properties, defaults=null
| 2008-10-02 18:49:05,484 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Loaded properties, users=[ML, root, ang, Admin, angpippo, cost]
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] findResource: null
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Properties file=file:/C:/Programmi/jboss-4.0.4.GA/server/default/conf/roles.properties, defaults=null
| 2008-10-02 18:49:05,484 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Loaded properties, users=[ML, root, ang, Admin, angpippo, cost]
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] login
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] User 'ML' authenticated, loginOk=true
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] commit, loginOk=true
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Checking user: ML, roles string: WfMOpenAdmin
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Adding to Roles: WfMOpenAdmin
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Checking user: root, roles string: WfMOpenAdmin
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Checking user: ang, roles string: WfMOpenAdmin,CMS_CE_ADMIN,CMS_CE_APP
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Checking user: Admin, roles string: WfMOpenAdmin
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Checking user: angpippo, roles string: WfMOpenAdmin
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Checking user: cost, roles string: WfMOpenAdmin,CMS_CE_ADMIN,CMS_CE_PUB
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] defaultLogin, lc=javax.security.auth.login.LoginContext at d73c3c, subject=Subject(11767226).principals=org.jboss.security.SimplePrincipal at 23185873(ML)org.jboss.security.SimpleGroup at 10578812(Roles(members:WfMOpenAdmin))
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] updateCache, inputSubject=Subject(11767226).principals=org.jboss.security.SimplePrincipal at 23185873(ML)org.jboss.security.SimpleGroup at 10578812(Roles(members:WfMOpenAdmin)), cacheSubject=Subject(1946053).principals=org.jboss.security.SimplePrincipal at 23185873(ML)org.jboss.security.SimpleGroup at 10578812(Roles(members:WfMOpenAdmin))
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Inserted cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo at 1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal at 23185873(ML)org.jboss.security.SimpleGroup at 10578812(Roles(members:WfMOpenAdmin)),credential.class=[C at 9744710,expirationTime=1222967917640]
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End isValid, true
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject:
| Principal: ML
| Principal: Roles(members:WfMOpenAdmin)
| , sc=org.jboss.security.SecurityAssociation$SubjectContext at 7262b6{principal=ML,subject=28233541}
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext at 7262b6{principal=ML,subject=28233541}
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] doesUserHaveRole(Set), subject: Subject:
| Principal: ML
| Principal: Roles(members:WfMOpenAdmin)
|
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] roles=Roles(members:WfMOpenAdmin)
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole(WfMOpenAdmin)=true
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole=true
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=null
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=null
| 2008-10-02 18:49:05,484 TRACE [org.jboss.security.SecurityAssociation] popSubjectContext, sc=org.jboss.security.SecurityAssociation$SubjectContext at 7262b6{principal=ML,subject=28233541}
| 2008-10-02 18:49:05,515 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin isValid, principal:ML, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo at 1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal at 23185873(ML)org.jboss.security.SimpleGroup at 10578812(Roles(members:WfMOpenAdmin)),credential.class=[C at 9744710,expirationTime=1222967917640]
| 2008-10-02 18:49:05,515 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin validateCache, info=org.jboss.security.plugins.JaasSecurityManager$DomainInfo at 1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal at 23185873(ML)org.jboss.security.SimpleGroup at 10578812(Roles(members:WfMOpenAdmin)),credential.class=[C at 9744710,expirationTime=1222967917640];credential.class=[C at 9744710
| 2008-10-02 18:49:05,515 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End validateCache, isValid=true
| 2008-10-02 18:49:05,515 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End isValid, true
| 2008-10-02 18:49:05,515 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject:
| Principal: ML
| Principal: Roles(members:WfMOpenAdmin)
| , sc=org.jboss.security.SecurityAssociation$SubjectContext at 17b5179{principal=ML,subject=19003734}
| 2008-10-02 18:49:05,515 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext at 17b5179{principal=ML,subject=19003734}
| 2008-10-02 18:49:05,515 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] doesUserHaveRole(Set), subject: Subject:
| Principal: ML
| Principal: Roles(members:WfMOpenAdmin)
|
| 2008-10-02 18:49:05,515 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] roles=Roles(members:WfMOpenAdmin)
| 2008-10-02 18:49:05,515 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole(WfMOpenAdmin)=true
| 2008-10-02 18:49:05,515 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole=true
| 2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=null
| 2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] getCallerPrincipal, principal=ML
| 2008-10-02 18:49:05,531 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] getPrincipal, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo at 1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal at 23185873(ML)org.jboss.security.SimpleGroup at 10578812(Roles(members:WfMOpenAdmin)),credential.class=[C at 9744710,expirationTime=1222967917640]
| 2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] getPrincipal, principal=ML
| 2008-10-02 18:49:05,531 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin isValid, principal:ML, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo at 1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal at 23185873(ML)org.jboss.security.SimpleGroup at 10578812(Roles(members:WfMOpenAdmin)),credential.class=[C at 9744710,expirationTime=1222967917640]
| 2008-10-02 18:49:05,531 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin validateCache, info=org.jboss.security.plugins.JaasSecurityManager$DomainInfo at 1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal at 23185873(ML)org.jboss.security.SimpleGroup at 10578812(Roles(members:WfMOpenAdmin)),credential.class=[C at 9744710,expirationTime=1222967917640];credential.class=[C at 9744710
| 2008-10-02 18:49:05,531 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End validateCache, isValid=true
| 2008-10-02 18:49:05,531 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End isValid, true
| 2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject:
| Principal: ML
| Principal: Roles(members:WfMOpenAdmin)
| , sc=org.jboss.security.SecurityAssociation$SubjectContext at 178b0f9{principal=ML,subject=11188351}
| 2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext at 178b0f9{principal=ML,subject=11188351}
| 2008-10-02 18:49:05,531 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] doesUserHaveRole(Set), subject: Subject:
| Principal: ML
| Principal: Roles(members:WfMOpenAdmin)
|
| 2008-10-02 18:49:05,531 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] roles=Roles(members:WfMOpenAdmin)
| 2008-10-02 18:49:05,531 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole(WfMOpenAdmin)=true
| 2008-10-02 18:49:05,531 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole=true
| 2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=null
| 2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=null
| 2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] popSubjectContext, sc=org.jboss.security.SecurityAssociation$SubjectContext at 178b0f9{principal=ML,subject=11188351}
| 2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=null
| 2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] popSubjectContext, sc=org.jboss.security.SecurityAssociation$SubjectContext at 17b5179{principal=ML,subject=19003734}
| 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin isValid, principal:ML, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo at 1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal at 23185873(ML)org.jboss.security.SimpleGroup at 10578812(Roles(members:WfMOpenAdmin)),credential.class=[C at 9744710,expirationTime=1222967917640]
| 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin validateCache, info=org.jboss.security.plugins.JaasSecurityManager$DomainInfo at 1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal at 23185873(ML)org.jboss.security.SimpleGroup at 10578812(Roles(members:WfMOpenAdmin)),credential.class=[C at 9744710,expirationTime=1222967917640];credential.class=[C at 9744710
| 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End validateCache, isValid=true
| 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End isValid, true
| 2008-10-02 18:49:05,562 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject:
| Principal: ML
| Principal: Roles(members:WfMOpenAdmin)
| , sc=org.jboss.security.SecurityAssociation$SubjectContext at 1412c18{principal=ML,subject=28696941}
| 2008-10-02 18:49:05,562 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext at 1412c18{principal=ML,subject=28696941}
| 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] doesUserHaveRole(Set), subject: Subject:
| Principal: ML
| Principal: Roles(members:WfMOpenAdmin)
|
| 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] roles=Roles(members:WfMOpenAdmin)
| 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole(WfMOpenAdmin)=true
| 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole=true
| 2008-10-02 18:49:05,562 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=null
| 2008-10-02 18:49:05,562 TRACE [org.jboss.security.SecurityAssociation] getCallerPrincipal, principal=ML
| 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] getPrincipal, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo at 1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal at 23185873(ML)org.jboss.security.SimpleGroup at 10578812(Roles(members:WfMOpenAdmin)),credential.class=[C at 9744710,expirationTime=1222967917640]
| 2008-10-02 18:49:05,562 TRACE [org.jboss.security.SecurityAssociation] getPrincipal, principal=ML
| 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin isValid, principal:ML, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo at 1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal at 23185873(ML)org.jboss.security.SimpleGroup at 10578812(Roles(members:WfMOpenAdmin)),credential.class=[C at 9744710,expirationTime=1222967917640]
| 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin validateCache, info=org.jboss.security.plugins.JaasSecurityManager$DomainInfo at 1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal at 23185873(ML)org.jboss.security.SimpleGroup at 10578812(Roles(members:WfMOpenAdmin)),credential.class=[C at 9744710,expirationTime=1222967917640];credential.class=[C at 9744710
| 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End validateCache, isValid=true
| 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End isValid, true
| 2008-10-02 18:49:05,562 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject:
| Principal: ML
| Principal: Roles(members:WfMOpenAdmin)
| , sc=org.jboss.security.SecurityAssociation$SubjectContext at 1e2ee3f{principal=ML,subject=25659337}
| 2008-10-02 18:49:05,562 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext at 1e2ee3f{principal=ML,subject=25659337}
| 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] doesUserHaveRole(Set), subject: Subject:
| Principal: ML
| Principal: Roles(members:WfMOpenAdmin)
|
| 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] roles=Roles(members:WfMOpenAdmin)
| 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole(WfMOpenAdmin)=true
| 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole=true
| 2008-10-02 18:49:05,562 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=[roles=[WfMOpenAdmin],principal=anonymous]
| 2008-10-02 18:49:06,406 TRACE [org.jboss.security.SecurityAssociation] getCallerPrincipal, principal=ML
| 2008-10-02 18:49:06,406 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] getPrincipal, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo at 1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal at 23185873(ML)org.jboss.security.SimpleGroup at 10578812(Roles(members:WfMOpenAdmin)),credential.class=[C at 9744710,expirationTime=1222967917640]
| 2008-10-02 18:49:06,953 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=[roles=[WfMOpenAdmin],principal=anonymous]
| 2008-10-02 18:49:06,953 TRACE [org.jboss.security.SecurityAssociation] popSubjectContext, sc=org.jboss.security.SecurityAssociation$SubjectContext at 1e2ee3f{principal=ML,subject=25659337}
| 2008-10-02 18:49:06,953 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=null
| 2008-10-02 18:49:06,953 TRACE [org.jboss.security.SecurityAssociation] popSubjectContext, sc=org.jboss.security.SecurityAssociation$SubjectContext at 1412c18{principal=ML,subject=28696941}
| 2008-10-02 18:49:07,015 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin isValid, principal:ML, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo at 1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal at 23185873(ML)org.jboss.security.SimpleGroup at 10578812(Roles(members:WfMOpenAdmin)),credential.class=[C at 9744710,expirationTime=1222967917640]
| 2008-10-02 18:49:07,015 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin validateCache, info=org.jboss.security.plugins.JaasSecurityManager$DomainInfo at 1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal at 23185873(ML)org.jboss.security.SimpleGroup at 10578812(Roles(members:WfMOpenAdmin)),credential.class=[C at 9744710,expirationTime=1222967917640];credential.class=[C at 9744710
| 2008-10-02 18:49:07,015 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End validateCache, isValid=true
| 2008-10-02 18:49:07,015 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End isValid, true
| 2008-10-02 18:49:07,015 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject:
| Principal: ML
| Principal: Roles(members:WfMOpenAdmin)
| , sc=org.jboss.security.SecurityAssociation$SubjectContext at 1f1e0e0{principal=ML,subject=14864555}
| 2008-10-02 18:49:07,015 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext at 1f1e0e0{principal=ML,subject=14864555}
| 2008-10-02 18:49:07,015 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] doesUserHaveRole(Set), subject: Subject:
| Principal: ML
| Principal: Roles(members:WfMOpenAdmin)
|
| 2008-10-02 18:49:07,015 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] roles=Roles(members:WfMOpenAdmin)
| 2008-10-02 18:49:07,015 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole(WfMOpenAdmin)=true
| 2008-10-02 18:49:07,015 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole=true
| 2008-10-02 18:49:07,015 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=[roles=[WfMOpenAdmin],principal=anonymous]
| 2008-10-02 18:49:07,015 TRACE [org.jboss.security.SecurityAssociation] getCallerPrincipal, principal=ML
| 2008-10-02 18:49:07,015 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] getPrincipal, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo at 1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal at 23185873(ML)org.jboss.security.SimpleGroup at 10578812(Roles(members:WfMOpenAdmin)),credential.class=[C at 9744710,expirationTime=1222967917640]
| 2008-10-02 18:49:07,187 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=[roles=[WfMOpenAdmin],principal=anonymous]
| 2008-10-02 18:49:07,187 TRACE [org.jboss.security.SecurityAssociation] popSubjectContext, sc=org.jboss.security.SecurityAssociation$SubjectContext at 1f1e0e0{principal=ML,subject=14864555}
| 2008-10-02 18:49:07,187 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin isValid, principal:ML, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo at 1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal at 23185873(ML)org.jboss.security.SimpleGroup at 10578812(Roles(members:WfMOpenAdmin)),credential.class=[C at 9744710,expirationTime=1222967917640]
| 2008-10-02 18:49:07,187 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin validateCache, info=org.jboss.security.plugins.JaasSecurityManager$DomainInfo at 1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal at 23185873(ML)org.jboss.security.SimpleGroup at 10578812(Roles(members:WfMOpenAdmin)),credential.class=[C at 9744710,expirationTime=1222967917640];credential.class=[C at 9744710
| 2008-10-02 18:49:07,187 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End validateCache, isValid=true
| 2008-10-02 18:49:07,187 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End isValid, true
| 2008-10-02 18:49:07,187 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject:
| Principal: ML
| Principal: Roles(members:WfMOpenAdmin)
| , sc=org.jboss.security.SecurityAssociation$SubjectContext at 1291479{principal=ML,subject=33507544}
| 2008-10-02 18:49:07,187 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext at 1291479{principal=ML,subject=33507544}
| 2008-10-02 18:49:07,187 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] doesUserHaveRole(Set), subject: Subject:
| Principal: ML
| Principal: Roles(members:WfMOpenAdmin)
|
| 2008-10-02 18:49:07,187 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] roles=Roles(members:WfMOpenAdmin)
| 2008-10-02 18:49:07,187 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole(WfMOpenAdmin)=true
| 2008-10-02 18:49:07,187 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole=true
| 2008-10-02 18:49:07,187 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=[roles=[WfMOpenAdmin],principal=anonymous]
| 2008-10-02 18:49:07,187 TRACE [org.jboss.security.SecurityAssociation] getCallerPrincipal, principal=ML
| 2008-10-02 18:49:07,187 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] getPrincipal, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo at 1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal at 23185873(ML)org.jboss.security.SimpleGroup at 10578812(Roles(members:WfMOpenAdmin)),credential.class=[C at 9744710,expirationTime=1222967917640]
| 2008-10-02 18:49:07,203 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=[roles=[WfMOpenAdmin],principal=anonymous]
| 2008-10-02 18:49:07,203 TRACE [org.jboss.security.SecurityAssociation] popSubjectContext, sc=org.jboss.security.SecurityAssociation$SubjectContext at 1291479{principal=ML,subject=33507544}
| 2008-10-02 18:49:07,203 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin isValid, principal:ML, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo at 1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal at 23185873(ML)org.jboss.security.SimpleGroup at 10578812(Roles(members:WfMOpenAdmin)),credential.class=[C at 9744710,expirationTime=1222967917640]
| 2008-10-02 18:49:07,203 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin validateCache, info=org.jboss.security.plugins.JaasSecurityManager$DomainInfo at 1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal at 23185873(ML)org.jboss.security.SimpleGroup at 10578812(Roles(members:WfMOpenAdmin)),credential.class=[C at 9744710,expirationTime=1222967917640];credential.class=[C at 9744710
| 2008-10-02 18:49:07,203 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End validateCache, isValid=true
| 2008-10-02 18:49:07,203 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End isValid, true
| 2008-10-02 18:49:07,203 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject:
| Principal: ML
| Principal: Roles(members:WfMOpenAdmin)
| , sc=org.jboss.security.SecurityAssociation$SubjectContext at 54919e{principal=ML,subject=2373615}
| 2008-10-02 18:49:07,203 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext at 54919e{principal=ML,subject=2373615}
| 2008-10-02 18:49:07,203 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] doesUserHaveRole(Set), subject: Subject:
| Principal: ML
| Principal: Roles(members:WfMOpenAdmin)
|
| 2008-10-02 18:49:07,203 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] roles=Roles(members:WfMOpenAdmin)
| 2008-10-02 18:49:07,203 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole(WfMOpenAdmin)=true
| 2008-10-02 18:49:07,203 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole=true
| 2008-10-02 18:49:07,203 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=[roles=[WfMOpenAdmin],principal=anonymous]
| 2008-10-02 18:49:07,203 TRACE [org.jboss.security.SecurityAssociation] getCallerPrincipal, principal=ML
| 2008-10-02 18:49:07,203 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] getPrincipal, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo at 1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal at 23185873(ML)org.jboss.security.SimpleGroup at 10578812(Roles(members:WfMOpenAdmin)),credential.class=[C at 9744710,expirationTime=1222967917640]
| 2008-10-02 18:49:07,234 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=[roles=[WfMOpenAdmin],principal=anonymous]
| 2008-10-02 18:49:07,234 TRACE [org.jboss.security.SecurityAssociation] popSubjectContext, sc=org.jboss.security.SecurityAssociation$SubjectContext at 54919e{principal=ML,subject=2373615}
| 2008-10-02 18:49:23,859 DEBUG [org.apache.catalina.session.ManagerBase] Start expire sessions StandardManager at 1222966163859 sessioncount 0
| 20
|
Now i have my web application (liferay portal) who has this jaas.config:
| PortalRealm {
| com.liferay.portal.kernel.security.jaas.PortalLoginModule required;
| };
|
I have added the jboss login module too; so the new jaas.config file is:
| PortalRealm {
| com.liferay.portal.kernel.security.jaas.PortalLoginModule required;
| org.jboss.security.ClientLoginModule required;
| };
|
But i'm not able to understand why i can't invole my EJB. The error log is:
| 2008-10-02 18:45:02,671 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin isValid, principal:null, cache info: null
| 2008-10-02 18:45:02,671 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] defaultLogin, principal=null
| 2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin getAppConfigurationEntry(wfdemopluto), size=11
| 2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] getAppConfigurationEntry(wfdemopluto), no entry in appConfigs, tyring parentCont: null
| 2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] getAppConfigurationEntry(wfdemopluto), no entry in parentConfig, trying: other
| 2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End getAppConfigurationEntry(wfdemopluto), authInfo=AppConfigurationEntry[]:
| [0]
| LoginModule Class: org.jboss.security.auth.spi.UsersRolesLoginModule
| ControlFlag: LoginModuleControlFlag: required
| Options:
| 2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] initialize, instance=@27700281
| 2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] findResource: null
| 2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Properties file=file:/C:/Programmi/jboss-4.0.4.GA/server/default/conf/users.properties, defaults=null
| 2008-10-02 18:45:02,671 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Loaded properties, users=[ML, root, ang, Admin, angpippo, cost]
| 2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] findResource: null
| 2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Properties file=file:/C:/Programmi/jboss-4.0.4.GA/server/default/conf/roles.properties, defaults=null
| 2008-10-02 18:45:02,671 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Loaded properties, users=[ML, root, ang, Admin, angpippo, cost]
| 2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] login
| 2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Authenticating as unauthenticatedIdentity=null
| 2008-10-02 18:45:02,671 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Bad password for username=null
| 2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] abort
| 2008-10-02 18:45:02,671 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Login failure
| javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
| at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:213)
| at org.jboss.security.auth.spi.UsersRolesLoginModule.login(UsersRolesLoginModule.java:152)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
| at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
| at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
| at java.security.AccessController.doPrivileged(Native Method)
| at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
| at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
| at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:601)
| at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:535)
| at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344)
| at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:211)
| at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:135)
| at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:132)
| at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyFactoryFinderInterceptor.java:107)
| at org.jboss.ejb.SessionContainer.internalInvokeHome(SessionContainer.java:637)
| at org.jboss.ejb.Container.invoke(Container.java:975)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
| at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
| at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
| at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
| at org.jboss.invocation.jrmp.server.JRMPInvoker$MBeanServerAction.invoke(JRMPInvoker.java:819)
| at org.jboss.invocation.jrmp.server.JRMPInvoker.invoke(JRMPInvoker.java:420)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:294)
| at sun.rmi.transport.Transport$1.run(Transport.java:153)
| at java.security.AccessController.doPrivileged(Native Method)
| at sun.rmi.transport.Transport.serviceCall(Transport.java:149)
| at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:466)
| at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:707)
| at java.lang.Thread.run(Thread.java:595)
| 2008-10-02 18:45:02,718 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End isValid, false
|
I can't understand why principal is not propagated to Jboss layer.
I do these steps:
| I log to the portal
| I arrive to my page
| I try to invoke my ejb
|
|
| I really can't understand where i'm losign something..
| Can anybod help me pls?
|
| Thnx
|
| Angelo.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4180111#4180111
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4180111
More information about the jboss-user
mailing list