[Design of Security on JBoss] - Combining BaseCertLoginModule with LdapExtLoginModule doesn'
by borgman.martin
On the following wiki page http://wiki.jboss.org/wiki/BaseCertLoginModule you'll find the following example:
<application-policy name = "jmx-console">
| <authentication>
| <login-module code="org.jboss.security.auth.spi.BaseCertLoginModule"
| flag = "required">
| <module-option name="password-stacking">useFirstPass</module-option>
| <module-option name="securityDomain">java:/jaas/jmx-console</module-option>
| </login-module>
| <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
| flag = "required">
| <module-option name="password-stacking">useFirstPass</module-option>
| <module-option name="usersProperties">jmx-console-users.properties</module-option>
| <module-option name="rolesProperties">jmx-console-roles.properties</module-option>
| </login-module>
| </authentication>
| </application-policy>
|
As the text states, the user is authenticate using his certificate and the rest if his principal object is populated by the UserRolseLoginModule (the UserRolesLoginModule adds the authenticated users roles).
This trick unfortunately doesn't work with the LdapExtLoginModule. The user is properly authenticated by the BaseCertLoginModule and because of that the LdapExtLoginModule returns successful without adding the users roles.
This is inconsistent.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4154838#4154838
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4154838
16 years, 6 months
[Design of JBoss Profiler] - Native Profiler mbean not created
by suffolksoft
I duly copied jboss-profiler-noAOP.jar in to my server/deploy
directory. However, I see an error in server.log on startup.
Here is top of stack trace:
2008-05-30 14:03:19,656 DEBUG [org.jboss.deployment.SARDeployer] create operation failed for package file:/C:/jboss/jboss-3.2.7/server/default/deploy/jboss-profiler-noAOP.sar
org.jboss.deployment.DeploymentException: Unknown xmbean type null; -nested throwable: (javax.management.NotCompliantMBeanException: Unknown xmbean type null)
at org.jboss.system.ServiceConfigurator.install(ServiceConfigurator.java:142)
As a result, of course, I don't see the mbean in jmx-console.
jboss-profile web app appears to work okay and there is nothing
else strange in log file.
Using:
JBoss 3.2.7
jboss-profiler-1.0.CR4
Java 1.5.0_10-b03
on Windows XP
Do I have some kind of version incompatibility? I find no mention
of this problem elsewhere.
Thanks
Rob
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4154773#4154773
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4154773
16 years, 6 months