[jboss-user] [Security & JAAS/JBoss] - Cannot get JAAS to work

henkie.maritz@iits do-not-reply at jboss.com
Tue Oct 28 17:11:06 EDT 2008 

Hi there

I'm new to JBoss and did configure some web pages to work through JAAS, but I get an exception.
Two questions:
1. What am I doing wrong?
2. How can I debug this to see which of the various steps are wrong?

Any help will be much appreciated.

Regards

Here's the detail:
JDK 1.5
JBoss 4.2.2

Here is my web.xml file extract:
 <security-constraint>
  <display-name>Admin</display-name>
  <web-resource-collection>
   DepotList page
   <web-resource-name>DepotList</web-resource-name>
   <url-pattern>/faces/DepotList.jsp</url-pattern>
  </web-resource-collection>
  <auth-constraint>
   System administrator
   <role-name>Administrator</role-name>
  </auth-constraint>
 </security-constraint>
 <login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>OrderSystemJaasDbRealm</realm-name>
 </login-config>
 <security-role>
  System administrator
  <role-name>Administrator</role-name>
 </security-role>
 <security-role>
  Depot user
  <role-name>User</role-name>
 </security-role>


Here is my jboss-web.xml file extract:
<jboss-web>
  <security-domain>java:/jaas/OrderSystemJaasDbRealm</security-domain>
</jboss-web>


In folder jboss-4.2.2.GA\server\default\conf I have the following two files:
iits-login-config-service.xml


   
      iits-login-config.xml
      <depends optional-attribute-name="LoginConfigService">
         jboss.security:service=XMLLoginConfig
      
      <depends optional-attribute-name="SecurityManagerService">
         jboss.security:service=JaasSecurityManager
      
   
 


iits-login-config.xml



    <application-policy name = "OrderSystemJaasDbRealm">
       
          <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
             flag = "required">
             <module-option name = "unauthenticatedIdentity">guest</module-option>
             <module-option name = "password-stacking">useFirstPass</module-option>
             <module-option name = "dsJndiName">java:/MYDBDS</module-option>
             <module-option name = "principalsQuery">SELECT PASSWORD FROM USER WHERE NAME=?</module-option>
             <module-option name = "rolesQuery">SELECT ROLE.NAME, 'Roles' FROM USER, ROLE WHERE USER.NAME=? AND USER.ROLE_ID = ROLE.ID</module-option>
          </login-module>
       
    </application-policy>



I get the following exception when I entered the user name and password:\

23:10:08,125 ERROR [UsersRolesLoginModule] Failed to load users/passwords/role files
java.io.IOException: No properties file: users.properties or defaults: defaultUsers.properties found
        at org.jboss.security.auth.spi.Util.loadProperties(Util.java:315)
        at org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:186)
        at org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:200)
        at org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:127)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:585)
        at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756)
        at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
        at java.security.AccessController.doPrivileged(Native Method)
        at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
        at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
        at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:603)
        at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:537)
        at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344)
        at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.authenticate(JBossSecurityMgrRealm.java:491)
        at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:180)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)
        at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
        at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
        at java.lang.Thread.run(Thread.java:595)






View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4185229#4185229

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4185229

More information about the jboss-user mailing list