[jboss-user] [Security & JAAS/JBoss] - Re: Problem with Dynamic Login Config on JBoss 5.0.1
Plukh
do-not-reply at jboss.com
Mon May 25 09:48:23 EDT 2009
I'm trying the new simpler approach and can't seem to get my application to work (old DynamicLoginConfig way worked fine).
Here's what I'm doing:
WEB-INF/jboss-web.xml (in the web module)
| <?xml version="1.0" encoding="UTF-8"?>
| <!DOCTYPE jboss-web PUBLIC "-//JBoss//DTD Web Application 4.2//EN"
| "http://www.jboss.org/j2ee/dtd/jboss-web_5_0.dtd">
| <jboss-web>
| <security-domain>java:/jaas/gameportal</security-domain>
| </jboss-web>
|
META-INF/gameportal-jboss-beans.xml (in ear)
| <?xml version="1.0" encoding="UTF-8"?>
|
| <deployment xmlns="urn:jboss:bean-deployer:2.0">
|
| <application-policy xmlns="urn:jboss:security-beans:1.0" name="gameportal">
| <authentication>
| <login-module code="ru.gameportal.login.GameportalLoginModule"
| flag="required">
| </login-module>
| </authentication>
| </application-policy>
|
| </deployment>
|
Unfortunately, JBoss doesn't call my custom login module (I'm using WebAuthentication for programmatic login, if it matters). Some info, hopefully relevant, from the log file:
| 17:37:50,437 TRACE [ApplicationPolicyMetaDataFactory] Generating metadata for application-policy gameportal
| 17:37:50,437 TRACE [ApplicationPolicyMetaDataFactory] Generating authentication metadata for policy gameportal
| 17:37:50,437 TRACE [ApplicationPolicyMetaDataFactory] Injecting security management JNDIBasedSecurityManagement into application-policy metadata
| 17:37:50,468 TRACE [ApplicationPolicyBean] ApplicationPolicy gameportal created org.jboss.security.config.ApplicationPolicy at 1c2f724
| 17:37:50,468 TRACE [ApplicationPolicyBean] ApplicationPolicy gameportal registered
| ...
| 17:38:06,703 TRACE [JaccContextValve] MetaData:org.jboss.metadata.web.jboss.JBossWebMetaData at 1f:principalToRoleSetMapnull
| 17:38:06,703 TRACE [SecurityAssociationValve] Begin invoke, caller=null
| ...
| 17:38:06,718 TRACE [JBossWebRealm] Begin authenticate, username=vdenisov at redline.ru
| 17:38:06,718 DEBUG [JNDIBasedSecurityManagement] Creating SDC for domain=gameportal
| 17:38:06,718 TRACE [JaasSecurityManager] Constructing
| 17:38:06,718 DEBUG [gameportal] CallbackHandler: org.jboss.security.auth.callback.JBossCallbackHandler at f92417
| 17:38:06,718 DEBUG [gameportal] CachePolicy set to: org.jboss.util.TimedCachePolicy at b0a21a
| 17:38:06,718 DEBUG [JNDIBasedSecurityManagement] setCachePolicy, c=org.jboss.util.TimedCachePolicy at b0a21a
| 17:38:06,718 TRACE [gameportal] Begin isValid, principal:vdenisov at redline.ru, cache info: null
| 17:38:06,718 TRACE [gameportal] defaultLogin, principal=vdenisov at redline.ru
| 17:38:06,718 TRACE [XMLLoginConfigImpl] Begin getAppConfigurationEntry(gameportal), size=11
| 17:38:06,718 TRACE [XMLLoginConfigImpl] End getAppConfigurationEntry(gameportal), authInfo=AppConfigurationEntry[]:
| [0]
| LoginModule Class: org.jboss.security.auth.spi.UsersRolesLoginModule
| ControlFlag: LoginModuleControlFlag: required
| Options:
| name=usersProperties, value=u.properties
| name=unauthenticatedIdentity, value=anonymous
| name=rolesProperties, value=r.properties
|
It then proceeds to authenticate using UsersRolesLoginModule (and, of course, failes to open appropriate files).
Any advice?
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4233051#4233051
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4233051
More information about the jboss-user
mailing list