JBoss Community

Authentication failed using DatabaseServerLoginModule

created by Ricardo Marini in PicketBox Development - View the full discussion

Hi all.

 

I'm trying to use the DatabaseServerLoginModule, but isn't working. I found many examples like this.
What is wrong?

 

I've in my standalone.xml:

                ...
                <security-domain name="TestSecurityDomain" cache-type="default">
                    <authentication>
                        <login-module code="Remoting" flag="optional">
                            <module-option name="password-stacking" value="useFirstPass"/>
                        </login-module>
                        <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
                            <module-option name="dsJndiName" value="java:jboss/datasources/MysqlDS"/>
                            <module-option name="principalsQuery" value="select u_password from users where u_name=?"/>
                            <module-option name="rolesQuery" value="select u_profile_name, 'Roles' from user_profile where u_name=?"/>
                            <module-option name="password-stacking" value="useFirstPass"/>
                        </login-module>
                    </authentication>
                </security-domain>
                ...
                <datasource jndi-name="java:jboss/datasources/MysqlDS" pool-name="MysqlDS" enabled="true" use-java-context="true">
                    <connection-url>jdbc:mysql://localhost:3306/teste</connection-url>
                    <driver>mysql</driver>
                    <security>
                        <user-name>user_db</user-name>
                        <password>pass_db</password>
                    </security>
                    <statement>
                        <prepared-statement-cache-size>100</prepared-statement-cache-size>
                        <share-prepared-statements>true</share-prepared-statements>
                    </statement>
                </datasource>
                ...
            <security-realm name="TestApplicationRealm">
                <authentication>
                     <jaas name="TestSecurityDomain"/>
                </authentication>
            </security-realm>
        ...
        <subsystem xmlns="urn:jboss:domain:remoting:1.1">
            <connector name="remoting-connector" socket-binding="remoting" security-realm="TestApplicationRealm"/>
        </subsystem>

 
In the jboss-app.xml:
<security-domain>TestSecurityDomain</security-domain>


In the client side:

jboss-ejb-client.properties:
endpoint.name=client-endpoint
remote.connections=default
remote.connection.default.host=localhost
remote.connection.default.port=4447
remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=true
remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER
remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT=false
remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false


lookup class:
   Hashtable envTable = new Hashtable();
   envTable.put(Context.URL_PKG_PREFIXES,
     "org.jboss.ejb.client.naming");
   envTable.put(Context.INITIAL_CONTEXT_FACTORY,
     "org.jboss.naming.remote.client.InitialContextFactory");
   envTable.put(Context.PROVIDER_URL, "remote://localhost:4447");
   envTable.put(Context.SECURITY_PRINCIPAL, "rmarini");
   envTable.put(Context.SECURITY_CREDENTIALS, "rmarini1");
   envTable.put("jboss.naming.client.ejb.context", true);
   Context context = new InitialContext(envTable);

  
When I run the client, returns this exception:
INFO: JBoss Remoting version 3.2.3.GA
21/12/2012 10:57:57 org.jboss.remoting3.remote.RemoteConnection handleException
ERROR: JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
javax.naming.NamingException: Failed to create remoting connection [Root exception is java.lang.RuntimeException: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed]
at org.jboss.naming.remote.client.ClientUtil.namingException(ClientUtil.java:36)
at org.jboss.naming.remote.client.InitialContextFactory.getInitialContext(InitialContextFactory.java:121)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
at javax.naming.InitialContext.init(InitialContext.java:223)
at javax.naming.InitialContext.<init>(InitialContext.java:197)
    ...
Caused by: java.lang.RuntimeException: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
at org.jboss.naming.remote.protocol.IoFutureHelper.get(IoFutureHelper.java:87)
at org.jboss.naming.remote.client.NamingStoreCache.getRemoteNamingStore(NamingStoreCache.java:56)
at org.jboss.naming.remote.client.InitialContextFactory.getOrCreateCachedNamingStore(InitialContextFactory.java:166)
at org.jboss.naming.remote.client.InitialContextFactory.getOrCreateNamingStore(InitialContextFactory.java:139)
at org.jboss.naming.remote.client.InitialContextFactory.getInitialContext(InitialContextFactory.java:104)
... 5 more
Caused by: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:365)
at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:214)
at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)
at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:189)
at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:103)
at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)
at org.xnio.nio.NioHandle.run(NioHandle.java:90)
at org.xnio.nio.WorkerThread.run(WorkerThread.java:184)
at ...asynchronous invocation...(Unknown Source)
at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:270)
at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:251)
at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:349)
at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:333)
at org.jboss.naming.remote.client.EndpointCache$EndpointWrapper.connect(EndpointCache.java:105)
at org.jboss.naming.remote.client.NamingStoreCache.getRemoteNamingStore(NamingStoreCache.java:55)
... 8 more

 

In the server, no exception is displayed, even set org.jboss.security to TRACE.

 

I tried with Jboss 7.1 (picketbox-4.0.7.Final) and Jboss 7.2 Alpha (picketbox-4.0.14.Final).

 

I found AS7-1370 related with this topic. there is a form to work around this?

 

Thanks,

 

Ricardo.

Reply to this message by going to Community

Start a new discussion in PicketBox Development at Community