BaseConnectionManager2 does not propagate or log authentication exception cause
-------------------------------------------------------------------------------
Key: JBAS-5802
URL:
https://jira.jboss.org/jira/browse/JBAS-5802
Project: JBoss Application Server
Issue Type: Bug
Security Level: Public (Everyone can see)
Components: JCA service, Security
Affects Versions: JBossAS-4.2.2.GA
Environment: JBoss AS 4.3.0 / 4.2.2, DB2 XA-Connection errors
Reporter: Carsten Mjartan
Assignee: Jesper Pedersen
In org.jboss.resource.connectionmanager.BaseConnectionManager2.getSubject(), the following
code handles authentication errors while obtaining a new database connection from the
pool:
...
if (securityDomain.isValid(principal, credential, subject) == false)
throw new SecurityException("Invalid authentication attempt,
principal=" + principal);
...
If there are errors during authentication, they are not logged or rethrown like it's
done in AuthenticationInterceptor:
...
if (authenticationManager.isValid(principal, credential, subject) == false)
{
// Check for the security association exception
Exception ex = SecurityActions.getContextException();
if (ex != null)
throw ex;
...
In our case, we had a bug in our login-config for the security domain being used for the
database connections. The real exception came from the LoginModule's initialize
method, but the only message we got is a SecurityException with 'Invalid
authentication attempt'.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira