9:15 a.m.
DatabaseServerLoginModule doesn't work
--------------------------------------
Key: AS7-1182
URL: https://issues.jboss.org/browse/AS7-1182
Project: Application Server 7
Issue Type: Bug
Components: Security
Affects Versions: 7.0.0.CR1
Reporter: Juergen Zimmermann
I want to migrate from JBossAS 6 to 7.0.0.CR1. In standalone.xml I declare the following
security domain, but get the stacktrace (see below) looking for UsersRolesLoginModule
instead of DatabaseServerLoginModule.
Security domain in standalone.xml:
<security-domain name="swe2" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName"
value="java:/swe2DS"/>
<module-option name="unauthenticatedIdentity"
value="gast"/>
<module-option name="principalsQuery" value="SELECT password
FROM kunde WHERE username=?"/>
<module-option name="rolesQuery" value="SELECT role,
'Roles' FROM swe2_role r INNER JOIN kunde k ON r.kunde_fk = k.k_id WHERE
k.username=?"/>
<module-option name="hashAlgorithm" value="SHA-1"/>
<module-option name="hashEncoding" value="base64"/>
</login-module>
</authentication>
</security-domain>
Stacktrace regarding UsersRolesLoginModule (instead of DatabaseServerLoginModule):
16:03:58,528 ERROR [org.jboss.security.auth.spi.UsersRolesLoginModule]
(http--127.0.0.1-8080-2) Failed to load users/passwords/role files: java.io.IOException:
No properties file: users.properties or defaults: defaultUsers.properties found
at org.jboss.security.auth.spi.Util.loadProperties(Util.java:227)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:188)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:202)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:129)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_26]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
[:1.6.0_26]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
[:1.6.0_26]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756) [:1.6.0_26]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [:1.6.0_26]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [:1.6.0_26]
at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [:1.6.0_26]
at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [:1.6.0_26]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:411)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:345)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:154)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:127)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:180)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:446)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.jboss.as.web.NamingValve.invoke(NamingValve.java:57)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:49)
[jboss-as-jpa-7.0.0.CR1.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:154)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:893)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:626)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:2054)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at java.lang.Thread.run(Thread.java:662) [:1.6.0_26]
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
1:04 p.m.
New subject: [JBoss JIRA] Assigned: (AS7-1182) DatabaseServerLoginModule doesn't work
[
https://issues.jboss.org/browse/AS7-1182?page=com.atlassian.jira.plugin.s...
]
Darran Lofthouse reassigned AS7-1182:
-------------------------------------
Assignee: Darran Lofthouse
DatabaseServerLoginModule doesn't work
--------------------------------------
Key: AS7-1182
URL: https://issues.jboss.org/browse/AS7-1182
Project: Application Server 7
Issue Type: Bug
Components: Security
Affects Versions: 7.0.0.CR1
Reporter: Juergen Zimmermann
Assignee: Darran Lofthouse
I want to migrate from JBossAS 6 to 7.0.0.CR1. In standalone.xml I declare the following
security domain, but get the stacktrace (see below) looking for UsersRolesLoginModule
instead of DatabaseServerLoginModule.
Security domain in standalone.xml:
<security-domain name="swe2" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName"
value="java:/swe2DS"/>
<module-option name="unauthenticatedIdentity"
value="gast"/>
<module-option name="principalsQuery" value="SELECT
password FROM kunde WHERE username=?"/>
<module-option name="rolesQuery" value="SELECT role,
'Roles' FROM swe2_role r INNER JOIN kunde k ON r.kunde_fk = k.k_id WHERE
k.username=?"/>
<module-option name="hashAlgorithm"
value="SHA-1"/>
<module-option name="hashEncoding"
value="base64"/>
</login-module>
</authentication>
</security-domain>
Stacktrace regarding UsersRolesLoginModule (instead of DatabaseServerLoginModule):
16:03:58,528 ERROR [org.jboss.security.auth.spi.UsersRolesLoginModule]
(http--127.0.0.1-8080-2) Failed to load users/passwords/role files: java.io.IOException:
No properties file: users.properties or defaults: defaultUsers.properties found
at org.jboss.security.auth.spi.Util.loadProperties(Util.java:227)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:188)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:202)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:129)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_26]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
[:1.6.0_26]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
[:1.6.0_26]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756) [:1.6.0_26]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [:1.6.0_26]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [:1.6.0_26]
at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [:1.6.0_26]
at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [:1.6.0_26]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:411)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:345)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:154)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:127)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:180)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:446)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.jboss.as.web.NamingValve.invoke(NamingValve.java:57)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:49)
[jboss-as-jpa-7.0.0.CR1.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:154)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:893)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:626)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:2054)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at java.lang.Thread.run(Thread.java:662) [:1.6.0_26]
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
1:06 p.m.
New subject: [JBoss JIRA] Updated: (AS7-1182) Incorrect security domain selected for web application.
[
https://issues.jboss.org/browse/AS7-1182?page=com.atlassian.jira.plugin.s...
]
Darran Lofthouse updated AS7-1182:
----------------------------------
Summary: Incorrect security domain selected for web application. (was:
DatabaseServerLoginModule doesn't work)
Incorrect security domain selected for web application.
-------------------------------------------------------
Key: AS7-1182
URL: https://issues.jboss.org/browse/AS7-1182
Project: Application Server 7
Issue Type: Bug
Components: Security
Affects Versions: 7.0.0.CR1
Reporter: Juergen Zimmermann
Assignee: Darran Lofthouse
I want to migrate from JBossAS 6 to 7.0.0.CR1. In standalone.xml I declare the following
security domain, but get the stacktrace (see below) looking for UsersRolesLoginModule
instead of DatabaseServerLoginModule.
Security domain in standalone.xml:
<security-domain name="swe2" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName"
value="java:/swe2DS"/>
<module-option name="unauthenticatedIdentity"
value="gast"/>
<module-option name="principalsQuery" value="SELECT
password FROM kunde WHERE username=?"/>
<module-option name="rolesQuery" value="SELECT role,
'Roles' FROM swe2_role r INNER JOIN kunde k ON r.kunde_fk = k.k_id WHERE
k.username=?"/>
<module-option name="hashAlgorithm"
value="SHA-1"/>
<module-option name="hashEncoding"
value="base64"/>
</login-module>
</authentication>
</security-domain>
Stacktrace regarding UsersRolesLoginModule (instead of DatabaseServerLoginModule):
16:03:58,528 ERROR [org.jboss.security.auth.spi.UsersRolesLoginModule]
(http--127.0.0.1-8080-2) Failed to load users/passwords/role files: java.io.IOException:
No properties file: users.properties or defaults: defaultUsers.properties found
at org.jboss.security.auth.spi.Util.loadProperties(Util.java:227)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:188)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:202)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:129)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_26]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
[:1.6.0_26]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
[:1.6.0_26]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756) [:1.6.0_26]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [:1.6.0_26]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [:1.6.0_26]
at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [:1.6.0_26]
at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [:1.6.0_26]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:411)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:345)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:154)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:127)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:180)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:446)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.jboss.as.web.NamingValve.invoke(NamingValve.java:57)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:49)
[jboss-as-jpa-7.0.0.CR1.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:154)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:893)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:626)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:2054)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at java.lang.Thread.run(Thread.java:662) [:1.6.0_26]
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
1:08 p.m.
New subject: [JBoss JIRA] Commented: (AS7-1182) Incorrect security domain selected for web application.
[
https://issues.jboss.org/browse/AS7-1182?page=com.atlassian.jira.plugin.s...
]
Darran Lofthouse commented on AS7-1182:
---------------------------------------
Juergen, do you have a thread started for this in the AS7 Users discussions?
It would be helpful to see how the web application is being associated with the security
domain as the error suggests to me that the 'other' domain is being picked up
instead of your domain rather than an issue with the login module itself.
Incorrect security domain selected for web application.
-------------------------------------------------------
Key: AS7-1182
URL: https://issues.jboss.org/browse/AS7-1182
Project: Application Server 7
Issue Type: Bug
Components: Security
Affects Versions: 7.0.0.CR1
Reporter: Juergen Zimmermann
Assignee: Darran Lofthouse
I want to migrate from JBossAS 6 to 7.0.0.CR1. In standalone.xml I declare the following
security domain, but get the stacktrace (see below) looking for UsersRolesLoginModule
instead of DatabaseServerLoginModule.
Security domain in standalone.xml:
<security-domain name="swe2" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName"
value="java:/swe2DS"/>
<module-option name="unauthenticatedIdentity"
value="gast"/>
<module-option name="principalsQuery" value="SELECT
password FROM kunde WHERE username=?"/>
<module-option name="rolesQuery" value="SELECT role,
'Roles' FROM swe2_role r INNER JOIN kunde k ON r.kunde_fk = k.k_id WHERE
k.username=?"/>
<module-option name="hashAlgorithm"
value="SHA-1"/>
<module-option name="hashEncoding"
value="base64"/>
</login-module>
</authentication>
</security-domain>
Stacktrace regarding UsersRolesLoginModule (instead of DatabaseServerLoginModule):
16:03:58,528 ERROR [org.jboss.security.auth.spi.UsersRolesLoginModule]
(http--127.0.0.1-8080-2) Failed to load users/passwords/role files: java.io.IOException:
No properties file: users.properties or defaults: defaultUsers.properties found
at org.jboss.security.auth.spi.Util.loadProperties(Util.java:227)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:188)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:202)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:129)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_26]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
[:1.6.0_26]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
[:1.6.0_26]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756) [:1.6.0_26]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [:1.6.0_26]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [:1.6.0_26]
at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [:1.6.0_26]
at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [:1.6.0_26]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:411)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:345)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:154)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:127)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:180)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:446)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.jboss.as.web.NamingValve.invoke(NamingValve.java:57)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:49)
[jboss-as-jpa-7.0.0.CR1.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:154)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:893)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:626)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:2054)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at java.lang.Thread.run(Thread.java:662) [:1.6.0_26]
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
5:51 a.m.
New subject: [JBoss JIRA] Updated: (AS7-1182) Incorrect security domain selected for web application.
[
https://issues.jboss.org/browse/AS7-1182?page=com.atlassian.jira.plugin.s...
]
Juergen Zimmermann updated AS7-1182:
------------------------------------
Attachment: test.ear.zip
testcase-src.zip
Darran, sorry I was out of town last week. I attached a testcase:
* testcase-src.zip contains the sources for an EAR with an EJB module and a web module
* testcase.ear.zip contains the exploded ear.
The security domain is specified in <EAR>/META-INF/jboss-app.xml as it was in JBoss
6. In <web>/WEB-INF/web.xml is a protected URL for a RESTful web service.
You can invoke the web service this way:
http://localhost:8080/testREST/customer/1
The sources of the EAR contain setup.sql: a small script for H2 so that there is a
customer with id 1, username 1 and password 1, and having the role 'admin'.
In standalone.xml I add two entries on my Windows box:
* Inside <datasource> for ExampleDS I extended the URL because I placed the script
setup.sql in C:\temp:
;INIT=RUNSCRIPT FROM 'C:\\temp\\setup.sql'
* Furthermore I added this security domain:
<security-domain name="test" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName"
value="java:jboss/datasources/ExampleDS"/>
<module-option name="unauthenticatedIdentity" value="gast"/>
<module-option name="principalsQuery" value="SELECT password FROM user
WHERE username=?"/>
<module-option name="rolesQuery" value="SELECT r.role, 'Roles'
FROM role r INNER JOIN user u ON r.user_fk = u.id WHERE u.username=?"/>
</login-module>
</authentication>
</security-domain>
Incorrect security domain selected for web application.
-------------------------------------------------------
Key: AS7-1182
URL: https://issues.jboss.org/browse/AS7-1182
Project: Application Server 7
Issue Type: Bug
Components: Security
Affects Versions: 7.0.0.CR1
Reporter: Juergen Zimmermann
Assignee: Darran Lofthouse
Attachments: test.ear.zip, testcase-src.zip
I want to migrate from JBossAS 6 to 7.0.0.CR1. In standalone.xml I declare the following
security domain, but get the stacktrace (see below) looking for UsersRolesLoginModule
instead of DatabaseServerLoginModule.
Security domain in standalone.xml:
<security-domain name="swe2" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName"
value="java:/swe2DS"/>
<module-option name="unauthenticatedIdentity"
value="gast"/>
<module-option name="principalsQuery" value="SELECT
password FROM kunde WHERE username=?"/>
<module-option name="rolesQuery" value="SELECT role,
'Roles' FROM swe2_role r INNER JOIN kunde k ON r.kunde_fk = k.k_id WHERE
k.username=?"/>
<module-option name="hashAlgorithm"
value="SHA-1"/>
<module-option name="hashEncoding"
value="base64"/>
</login-module>
</authentication>
</security-domain>
Stacktrace regarding UsersRolesLoginModule (instead of DatabaseServerLoginModule):
16:03:58,528 ERROR [org.jboss.security.auth.spi.UsersRolesLoginModule]
(http--127.0.0.1-8080-2) Failed to load users/passwords/role files: java.io.IOException:
No properties file: users.properties or defaults: defaultUsers.properties found
at org.jboss.security.auth.spi.Util.loadProperties(Util.java:227)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:188)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:202)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:129)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_26]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
[:1.6.0_26]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
[:1.6.0_26]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756) [:1.6.0_26]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [:1.6.0_26]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [:1.6.0_26]
at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [:1.6.0_26]
at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [:1.6.0_26]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:411)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:345)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:154)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:127)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:180)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:446)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.jboss.as.web.NamingValve.invoke(NamingValve.java:57)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:49)
[jboss-as-jpa-7.0.0.CR1.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:154)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:893)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:626)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:2054)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at java.lang.Thread.run(Thread.java:662) [:1.6.0_26]
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
5:56 a.m.
New subject: [JBoss JIRA] Commented: (AS7-1182) Incorrect security domain selected for web application.
[
https://issues.jboss.org/browse/AS7-1182?page=com.atlassian.jira.plugin.s...
]
jaikiran pai commented on AS7-1182:
-----------------------------------
I haven't yet looked at the application. But:
{quote}
The security domain is specified in <EAR>/META-INF/jboss-app.xml as it was in JBoss
6
{quote}
Can you try specifying that security domain in the .war/WEB-INF/jboss-web.xml as follows:
{code:xml}
...
<security-domain>test</security-domain>
...
{code}
Incorrect security domain selected for web application.
-------------------------------------------------------
Key: AS7-1182
URL: https://issues.jboss.org/browse/AS7-1182
Project: Application Server 7
Issue Type: Bug
Components: Security
Affects Versions: 7.0.0.CR1
Reporter: Juergen Zimmermann
Assignee: Darran Lofthouse
Attachments: test.ear.zip, testcase-src.zip
I want to migrate from JBossAS 6 to 7.0.0.CR1. In standalone.xml I declare the following
security domain, but get the stacktrace (see below) looking for UsersRolesLoginModule
instead of DatabaseServerLoginModule.
Security domain in standalone.xml:
<security-domain name="swe2" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName"
value="java:/swe2DS"/>
<module-option name="unauthenticatedIdentity"
value="gast"/>
<module-option name="principalsQuery" value="SELECT
password FROM kunde WHERE username=?"/>
<module-option name="rolesQuery" value="SELECT role,
'Roles' FROM swe2_role r INNER JOIN kunde k ON r.kunde_fk = k.k_id WHERE
k.username=?"/>
<module-option name="hashAlgorithm"
value="SHA-1"/>
<module-option name="hashEncoding"
value="base64"/>
</login-module>
</authentication>
</security-domain>
Stacktrace regarding UsersRolesLoginModule (instead of DatabaseServerLoginModule):
16:03:58,528 ERROR [org.jboss.security.auth.spi.UsersRolesLoginModule]
(http--127.0.0.1-8080-2) Failed to load users/passwords/role files: java.io.IOException:
No properties file: users.properties or defaults: defaultUsers.properties found
at org.jboss.security.auth.spi.Util.loadProperties(Util.java:227)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:188)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:202)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:129)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_26]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
[:1.6.0_26]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
[:1.6.0_26]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756) [:1.6.0_26]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [:1.6.0_26]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [:1.6.0_26]
at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [:1.6.0_26]
at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [:1.6.0_26]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:411)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:345)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:154)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:127)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:180)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:446)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.jboss.as.web.NamingValve.invoke(NamingValve.java:57)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:49)
[jboss-as-jpa-7.0.0.CR1.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:154)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:893)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:626)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:2054)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at java.lang.Thread.run(Thread.java:662) [:1.6.0_26]
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
5:58 a.m.
New subject: [JBoss JIRA] Commented: (AS7-1182) Incorrect security domain selected for web application.
[
https://issues.jboss.org/browse/AS7-1182?page=com.atlassian.jira.plugin.s...
]
Darran Lofthouse commented on AS7-1182:
---------------------------------------
Thanks for the attachment, I will have a look - it sounds like the security domain in the
jboss-app.xml is not getting picked up.
Incorrect security domain selected for web application.
-------------------------------------------------------
Key: AS7-1182
URL: https://issues.jboss.org/browse/AS7-1182
Project: Application Server 7
Issue Type: Bug
Components: Security
Affects Versions: 7.0.0.CR1
Reporter: Juergen Zimmermann
Assignee: Darran Lofthouse
Attachments: test.ear.zip, testcase-src.zip
I want to migrate from JBossAS 6 to 7.0.0.CR1. In standalone.xml I declare the following
security domain, but get the stacktrace (see below) looking for UsersRolesLoginModule
instead of DatabaseServerLoginModule.
Security domain in standalone.xml:
<security-domain name="swe2" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName"
value="java:/swe2DS"/>
<module-option name="unauthenticatedIdentity"
value="gast"/>
<module-option name="principalsQuery" value="SELECT
password FROM kunde WHERE username=?"/>
<module-option name="rolesQuery" value="SELECT role,
'Roles' FROM swe2_role r INNER JOIN kunde k ON r.kunde_fk = k.k_id WHERE
k.username=?"/>
<module-option name="hashAlgorithm"
value="SHA-1"/>
<module-option name="hashEncoding"
value="base64"/>
</login-module>
</authentication>
</security-domain>
Stacktrace regarding UsersRolesLoginModule (instead of DatabaseServerLoginModule):
16:03:58,528 ERROR [org.jboss.security.auth.spi.UsersRolesLoginModule]
(http--127.0.0.1-8080-2) Failed to load users/passwords/role files: java.io.IOException:
No properties file: users.properties or defaults: defaultUsers.properties found
at org.jboss.security.auth.spi.Util.loadProperties(Util.java:227)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:188)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:202)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:129)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_26]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
[:1.6.0_26]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
[:1.6.0_26]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756) [:1.6.0_26]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [:1.6.0_26]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [:1.6.0_26]
at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [:1.6.0_26]
at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [:1.6.0_26]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:411)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:345)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:154)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:127)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:180)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:446)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.jboss.as.web.NamingValve.invoke(NamingValve.java:57)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:49)
[jboss-as-jpa-7.0.0.CR1.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:154)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:893)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:626)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:2054)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at java.lang.Thread.run(Thread.java:662) [:1.6.0_26]
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
8:16 a.m.
New subject: [JBoss JIRA] Commented: (AS7-1182) Incorrect security domain selected for web application.
[
https://issues.jboss.org/browse/AS7-1182?page=com.atlassian.jira.plugin.s...
]
Juergen Zimmermann commented on AS7-1182:
-----------------------------------------
I added <security-domain>test</security-domain> to both jboss.xml in the EJB
module, and to jboss-web.xml in the web module: The issue is gone. It sounds like
<security-domain> in jboss-app.xml is ignored.
Incorrect security domain selected for web application.
-------------------------------------------------------
Key: AS7-1182
URL: https://issues.jboss.org/browse/AS7-1182
Project: Application Server 7
Issue Type: Bug
Components: Security
Affects Versions: 7.0.0.CR1
Reporter: Juergen Zimmermann
Assignee: Darran Lofthouse
Attachments: test.ear.zip, testcase-src.zip
I want to migrate from JBossAS 6 to 7.0.0.CR1. In standalone.xml I declare the following
security domain, but get the stacktrace (see below) looking for UsersRolesLoginModule
instead of DatabaseServerLoginModule.
Security domain in standalone.xml:
<security-domain name="swe2" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName"
value="java:/swe2DS"/>
<module-option name="unauthenticatedIdentity"
value="gast"/>
<module-option name="principalsQuery" value="SELECT
password FROM kunde WHERE username=?"/>
<module-option name="rolesQuery" value="SELECT role,
'Roles' FROM swe2_role r INNER JOIN kunde k ON r.kunde_fk = k.k_id WHERE
k.username=?"/>
<module-option name="hashAlgorithm"
value="SHA-1"/>
<module-option name="hashEncoding"
value="base64"/>
</login-module>
</authentication>
</security-domain>
Stacktrace regarding UsersRolesLoginModule (instead of DatabaseServerLoginModule):
16:03:58,528 ERROR [org.jboss.security.auth.spi.UsersRolesLoginModule]
(http--127.0.0.1-8080-2) Failed to load users/passwords/role files: java.io.IOException:
No properties file: users.properties or defaults: defaultUsers.properties found
at org.jboss.security.auth.spi.Util.loadProperties(Util.java:227)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:188)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:202)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:129)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_26]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
[:1.6.0_26]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
[:1.6.0_26]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756) [:1.6.0_26]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [:1.6.0_26]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [:1.6.0_26]
at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [:1.6.0_26]
at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [:1.6.0_26]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:411)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:345)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:154)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:127)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:180)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:446)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.jboss.as.web.NamingValve.invoke(NamingValve.java:57)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:49)
[jboss-as-jpa-7.0.0.CR1.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:154)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:893)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:626)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:2054)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at java.lang.Thread.run(Thread.java:662) [:1.6.0_26]
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
11:14 p.m.
New subject: [JBoss JIRA] Commented: (AS7-1182) Incorrect security domain selected for web application.
[
https://issues.jboss.org/browse/AS7-1182?page=com.atlassian.jira.plugin.s...
]
Juergen Zimmermann commented on AS7-1182:
-----------------------------------------
I realized that the JNDI names for security domains changed, e.g. java:jboss/jaas/test
instead of java:/jaas/test as it was in JBoss 4.2, 5 and 6. But this didn't help
either.
The relevant output of "jboss-admin -c command=/subsystem=naming:jndi-view" :
{
"outcome" => "success",
"result" => {
"java: contexts" => {
"java:jboss" => {
"jaas" => {
"class-name" =>
"org.jboss.as.naming.context.ModularReference",
"children" => {
"test" => {
"class-name" =>
"org.jboss.as.security.plugins.SecurityDomainContext",
"value" =>
"org.jboss.security.authentication.JBossCachedAuthenticationManager@17b55e6"
},
"swe" => {
"class-name" =>
"org.jboss.as.security.plugins.SecurityDomainContext",
"value" =>
"org.jboss.security.authentication.JBossCachedAuthenticationManager@448b7f"
},
"other" => {
"class-name" =>
"org.jboss.as.security.plugins.SecurityDomainContext",
"value" =>
"org.jboss.security.authentication.JBossCachedAuthenticationManager@224002"
},
"verschluesseltesDbPassword" => {
"class-name" =>
"org.jboss.as.security.plugins.SecurityDomainContext",
"value" =>
"org.jboss.security.authentication.JBossCachedAuthenticationManager@9875a3"
}
}
},
...
Incorrect security domain selected for web application.
-------------------------------------------------------
Key: AS7-1182
URL: https://issues.jboss.org/browse/AS7-1182
Project: Application Server 7
Issue Type: Bug
Components: Security
Affects Versions: 7.0.0.CR1
Reporter: Juergen Zimmermann
Assignee: Darran Lofthouse
Attachments: test.ear.zip, testcase-src.zip
I want to migrate from JBossAS 6 to 7.0.0.CR1. In standalone.xml I declare the following
security domain, but get the stacktrace (see below) looking for UsersRolesLoginModule
instead of DatabaseServerLoginModule.
Security domain in standalone.xml:
<security-domain name="swe2" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName"
value="java:/swe2DS"/>
<module-option name="unauthenticatedIdentity"
value="gast"/>
<module-option name="principalsQuery" value="SELECT
password FROM kunde WHERE username=?"/>
<module-option name="rolesQuery" value="SELECT role,
'Roles' FROM swe2_role r INNER JOIN kunde k ON r.kunde_fk = k.k_id WHERE
k.username=?"/>
<module-option name="hashAlgorithm"
value="SHA-1"/>
<module-option name="hashEncoding"
value="base64"/>
</login-module>
</authentication>
</security-domain>
Stacktrace regarding UsersRolesLoginModule (instead of DatabaseServerLoginModule):
16:03:58,528 ERROR [org.jboss.security.auth.spi.UsersRolesLoginModule]
(http--127.0.0.1-8080-2) Failed to load users/passwords/role files: java.io.IOException:
No properties file: users.properties or defaults: defaultUsers.properties found
at org.jboss.security.auth.spi.Util.loadProperties(Util.java:227)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:188)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:202)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:129)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_26]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
[:1.6.0_26]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
[:1.6.0_26]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756) [:1.6.0_26]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [:1.6.0_26]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [:1.6.0_26]
at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [:1.6.0_26]
at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [:1.6.0_26]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:411)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:345)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:154)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:127)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:180)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:446)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.jboss.as.web.NamingValve.invoke(NamingValve.java:57)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:49)
[jboss-as-jpa-7.0.0.CR1.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:154)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:893)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:626)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:2054)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at java.lang.Thread.run(Thread.java:662) [:1.6.0_26]
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
4:54 a.m.
New subject: [JBoss JIRA] Commented: (AS7-1182) Incorrect security domain selected for web application.
[
https://issues.jboss.org/browse/AS7-1182?page=com.atlassian.jira.plugin.s...
]
Darran Lofthouse commented on AS7-1182:
---------------------------------------
Jeurgen, is the <security-domain> in the jboss.xml and jboss-web.xml still working?
Your previous assessment "It sounds like <security-domain> in jboss-app.xml is
ignored." was correct, I am following up with on that one as it does seem the
jboss-app.xml is only partially supported.
Incorrect security domain selected for web application.
-------------------------------------------------------
Key: AS7-1182
URL: https://issues.jboss.org/browse/AS7-1182
Project: Application Server 7
Issue Type: Bug
Components: Security
Affects Versions: 7.0.0.CR1
Reporter: Juergen Zimmermann
Assignee: Darran Lofthouse
Attachments: test.ear.zip, testcase-src.zip
I want to migrate from JBossAS 6 to 7.0.0.CR1. In standalone.xml I declare the following
security domain, but get the stacktrace (see below) looking for UsersRolesLoginModule
instead of DatabaseServerLoginModule.
Security domain in standalone.xml:
<security-domain name="swe2" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName"
value="java:/swe2DS"/>
<module-option name="unauthenticatedIdentity"
value="gast"/>
<module-option name="principalsQuery" value="SELECT
password FROM kunde WHERE username=?"/>
<module-option name="rolesQuery" value="SELECT role,
'Roles' FROM swe2_role r INNER JOIN kunde k ON r.kunde_fk = k.k_id WHERE
k.username=?"/>
<module-option name="hashAlgorithm"
value="SHA-1"/>
<module-option name="hashEncoding"
value="base64"/>
</login-module>
</authentication>
</security-domain>
Stacktrace regarding UsersRolesLoginModule (instead of DatabaseServerLoginModule):
16:03:58,528 ERROR [org.jboss.security.auth.spi.UsersRolesLoginModule]
(http--127.0.0.1-8080-2) Failed to load users/passwords/role files: java.io.IOException:
No properties file: users.properties or defaults: defaultUsers.properties found
at org.jboss.security.auth.spi.Util.loadProperties(Util.java:227)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:188)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:202)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:129)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_26]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
[:1.6.0_26]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
[:1.6.0_26]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756) [:1.6.0_26]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [:1.6.0_26]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [:1.6.0_26]
at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [:1.6.0_26]
at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [:1.6.0_26]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:411)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:345)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:154)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:127)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:180)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:446)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.jboss.as.web.NamingValve.invoke(NamingValve.java:57)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:49)
[jboss-as-jpa-7.0.0.CR1.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:154)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:893)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:626)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:2054)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at java.lang.Thread.run(Thread.java:662) [:1.6.0_26]
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
10:55 a.m.
New subject: [JBoss JIRA] Commented: (AS7-1182) Incorrect security domain selected for web application.
[
https://issues.jboss.org/browse/AS7-1182?page=com.atlassian.jira.plugin.s...
]
Juergen Zimmermann commented on AS7-1182:
-----------------------------------------
Only jboss-web.xml is working. I tried an Arquillian test with just EJBs and jboss.xml: it
doesn't work.
Incorrect security domain selected for web application.
-------------------------------------------------------
Key: AS7-1182
URL: https://issues.jboss.org/browse/AS7-1182
Project: Application Server 7
Issue Type: Bug
Components: Security
Affects Versions: 7.0.0.CR1
Reporter: Juergen Zimmermann
Assignee: Darran Lofthouse
Attachments: test.ear.zip, testcase-src.zip
I want to migrate from JBossAS 6 to 7.0.0.CR1. In standalone.xml I declare the following
security domain, but get the stacktrace (see below) looking for UsersRolesLoginModule
instead of DatabaseServerLoginModule.
Security domain in standalone.xml:
<security-domain name="swe2" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName"
value="java:/swe2DS"/>
<module-option name="unauthenticatedIdentity"
value="gast"/>
<module-option name="principalsQuery" value="SELECT
password FROM kunde WHERE username=?"/>
<module-option name="rolesQuery" value="SELECT role,
'Roles' FROM swe2_role r INNER JOIN kunde k ON r.kunde_fk = k.k_id WHERE
k.username=?"/>
<module-option name="hashAlgorithm"
value="SHA-1"/>
<module-option name="hashEncoding"
value="base64"/>
</login-module>
</authentication>
</security-domain>
Stacktrace regarding UsersRolesLoginModule (instead of DatabaseServerLoginModule):
16:03:58,528 ERROR [org.jboss.security.auth.spi.UsersRolesLoginModule]
(http--127.0.0.1-8080-2) Failed to load users/passwords/role files: java.io.IOException:
No properties file: users.properties or defaults: defaultUsers.properties found
at org.jboss.security.auth.spi.Util.loadProperties(Util.java:227)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:188)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:202)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:129)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_26]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
[:1.6.0_26]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
[:1.6.0_26]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756) [:1.6.0_26]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [:1.6.0_26]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [:1.6.0_26]
at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [:1.6.0_26]
at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [:1.6.0_26]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:411)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:345)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:154)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:127)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:180)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:446)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.jboss.as.web.NamingValve.invoke(NamingValve.java:57)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:49)
[jboss-as-jpa-7.0.0.CR1.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:154)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:893)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:626)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:2054)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at java.lang.Thread.run(Thread.java:662) [:1.6.0_26]
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
11:06 a.m.
New subject: [JBoss JIRA] Commented: (AS7-1182) Incorrect security domain selected for web application.
[
https://issues.jboss.org/browse/AS7-1182?page=com.atlassian.jira.plugin.s...
]
Darran Lofthouse commented on AS7-1182:
---------------------------------------
Ok will check jboss.xml as well
Incorrect security domain selected for web application.
-------------------------------------------------------
Key: AS7-1182
URL: https://issues.jboss.org/browse/AS7-1182
Project: Application Server 7
Issue Type: Bug
Components: Security
Affects Versions: 7.0.0.CR1
Reporter: Juergen Zimmermann
Assignee: Darran Lofthouse
Attachments: test.ear.zip, testcase-src.zip
I want to migrate from JBossAS 6 to 7.0.0.CR1. In standalone.xml I declare the following
security domain, but get the stacktrace (see below) looking for UsersRolesLoginModule
instead of DatabaseServerLoginModule.
Security domain in standalone.xml:
<security-domain name="swe2" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName"
value="java:/swe2DS"/>
<module-option name="unauthenticatedIdentity"
value="gast"/>
<module-option name="principalsQuery" value="SELECT
password FROM kunde WHERE username=?"/>
<module-option name="rolesQuery" value="SELECT role,
'Roles' FROM swe2_role r INNER JOIN kunde k ON r.kunde_fk = k.k_id WHERE
k.username=?"/>
<module-option name="hashAlgorithm"
value="SHA-1"/>
<module-option name="hashEncoding"
value="base64"/>
</login-module>
</authentication>
</security-domain>
Stacktrace regarding UsersRolesLoginModule (instead of DatabaseServerLoginModule):
16:03:58,528 ERROR [org.jboss.security.auth.spi.UsersRolesLoginModule]
(http--127.0.0.1-8080-2) Failed to load users/passwords/role files: java.io.IOException:
No properties file: users.properties or defaults: defaultUsers.properties found
at org.jboss.security.auth.spi.Util.loadProperties(Util.java:227)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:188)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:202)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:129)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_26]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
[:1.6.0_26]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
[:1.6.0_26]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756) [:1.6.0_26]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [:1.6.0_26]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [:1.6.0_26]
at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [:1.6.0_26]
at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [:1.6.0_26]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:411)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:345)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:154)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:127)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:180)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:446)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.jboss.as.web.NamingValve.invoke(NamingValve.java:57)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:49)
[jboss-as-jpa-7.0.0.CR1.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:154)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:893)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:626)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:2054)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at java.lang.Thread.run(Thread.java:662) [:1.6.0_26]
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
10:47 a.m.
New subject: [JBoss JIRA] Commented: (AS7-1182) Incorrect security domain selected for web application.
[
https://issues.jboss.org/browse/AS7-1182?page=com.atlassian.jira.plugin.s...
]
Darran Lofthouse commented on AS7-1182:
---------------------------------------
Re the jboss.xml handling that is now being addressed in AS7-1211 where a jboss-ejb3.xml
descriptor is being introduced.
I have also created AS7-1355 for the jboss-app.xml descriptor as in addition to the
security-domain handling there are also additional changes required.
Incorrect security domain selected for web application.
-------------------------------------------------------
Key: AS7-1182
URL: https://issues.jboss.org/browse/AS7-1182
Project: Application Server 7
Issue Type: Bug
Components: Security
Affects Versions: 7.0.0.CR1
Reporter: Juergen Zimmermann
Assignee: Darran Lofthouse
Attachments: test.ear.zip, testcase-src.zip
I want to migrate from JBossAS 6 to 7.0.0.CR1. In standalone.xml I declare the following
security domain, but get the stacktrace (see below) looking for UsersRolesLoginModule
instead of DatabaseServerLoginModule.
Security domain in standalone.xml:
<security-domain name="swe2" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName"
value="java:/swe2DS"/>
<module-option name="unauthenticatedIdentity"
value="gast"/>
<module-option name="principalsQuery" value="SELECT
password FROM kunde WHERE username=?"/>
<module-option name="rolesQuery" value="SELECT role,
'Roles' FROM swe2_role r INNER JOIN kunde k ON r.kunde_fk = k.k_id WHERE
k.username=?"/>
<module-option name="hashAlgorithm"
value="SHA-1"/>
<module-option name="hashEncoding"
value="base64"/>
</login-module>
</authentication>
</security-domain>
Stacktrace regarding UsersRolesLoginModule (instead of DatabaseServerLoginModule):
16:03:58,528 ERROR [org.jboss.security.auth.spi.UsersRolesLoginModule]
(http--127.0.0.1-8080-2) Failed to load users/passwords/role files: java.io.IOException:
No properties file: users.properties or defaults: defaultUsers.properties found
at org.jboss.security.auth.spi.Util.loadProperties(Util.java:227)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:188)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:202)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:129)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_26]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
[:1.6.0_26]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
[:1.6.0_26]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756) [:1.6.0_26]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [:1.6.0_26]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [:1.6.0_26]
at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [:1.6.0_26]
at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [:1.6.0_26]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:411)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:345)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:154)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:127)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:180)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:446)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.jboss.as.web.NamingValve.invoke(NamingValve.java:57)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:49)
[jboss-as-jpa-7.0.0.CR1.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:154)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:893)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:626)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:2054)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at java.lang.Thread.run(Thread.java:662) [:1.6.0_26]
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
5:01 p.m.
New subject: [JBoss JIRA] (AS7-1182) Incorrect security domain selected for web application.
[
https://issues.jboss.org/browse/AS7-1182?page=com.atlassian.jira.plugin.s...
]
Jason Greene commented on AS7-1182:
-----------------------------------
Do we still need this issue open? It seems we have two other issues for the problems now.
Incorrect security domain selected for web application.
-------------------------------------------------------
Key: AS7-1182
URL: https://issues.jboss.org/browse/AS7-1182
Project: Application Server 7
Issue Type: Bug
Components: Security
Affects Versions: 7.0.0.CR1
Reporter: Juergen Zimmermann
Assignee: Darran Lofthouse
Attachments: test.ear.zip, testcase-src.zip
I want to migrate from JBossAS 6 to 7.0.0.CR1. In standalone.xml I declare the following
security domain, but get the stacktrace (see below) looking for UsersRolesLoginModule
instead of DatabaseServerLoginModule.
Security domain in standalone.xml:
<security-domain name="swe2" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName"
value="java:/swe2DS"/>
<module-option name="unauthenticatedIdentity"
value="gast"/>
<module-option name="principalsQuery" value="SELECT
password FROM kunde WHERE username=?"/>
<module-option name="rolesQuery" value="SELECT role,
'Roles' FROM swe2_role r INNER JOIN kunde k ON r.kunde_fk = k.k_id WHERE
k.username=?"/>
<module-option name="hashAlgorithm"
value="SHA-1"/>
<module-option name="hashEncoding"
value="base64"/>
</login-module>
</authentication>
</security-domain>
Stacktrace regarding UsersRolesLoginModule (instead of DatabaseServerLoginModule):
16:03:58,528 ERROR [org.jboss.security.auth.spi.UsersRolesLoginModule]
(http--127.0.0.1-8080-2) Failed to load users/passwords/role files: java.io.IOException:
No properties file: users.properties or defaults: defaultUsers.properties found
at org.jboss.security.auth.spi.Util.loadProperties(Util.java:227)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:188)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:202)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:129)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_26]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
[:1.6.0_26]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
[:1.6.0_26]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756) [:1.6.0_26]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [:1.6.0_26]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [:1.6.0_26]
at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [:1.6.0_26]
at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [:1.6.0_26]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:411)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:345)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:154)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:127)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:180)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:446)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.jboss.as.web.NamingValve.invoke(NamingValve.java:57)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:49)
[jboss-as-jpa-7.0.0.CR1.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:154)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:893)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:626)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:2054)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at java.lang.Thread.run(Thread.java:662) [:1.6.0_26]
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
5:03 p.m.
New subject: [JBoss JIRA] (AS7-1182) Incorrect security domain selected for web application.
[
https://issues.jboss.org/browse/AS7-1182?page=com.atlassian.jira.plugin.s...
]
Jason Greene updated AS7-1182:
------------------------------
Fix Version/s: Open To Community
Incorrect security domain selected for web application.
-------------------------------------------------------
Key: AS7-1182
URL: https://issues.jboss.org/browse/AS7-1182
Project: Application Server 7
Issue Type: Bug
Components: Security
Affects Versions: 7.0.0.CR1
Reporter: Juergen Zimmermann
Assignee: Darran Lofthouse
Fix For: Open To Community
Attachments: test.ear.zip, testcase-src.zip
I want to migrate from JBossAS 6 to 7.0.0.CR1. In standalone.xml I declare the following
security domain, but get the stacktrace (see below) looking for UsersRolesLoginModule
instead of DatabaseServerLoginModule.
Security domain in standalone.xml:
<security-domain name="swe2" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName"
value="java:/swe2DS"/>
<module-option name="unauthenticatedIdentity"
value="gast"/>
<module-option name="principalsQuery" value="SELECT
password FROM kunde WHERE username=?"/>
<module-option name="rolesQuery" value="SELECT role,
'Roles' FROM swe2_role r INNER JOIN kunde k ON r.kunde_fk = k.k_id WHERE
k.username=?"/>
<module-option name="hashAlgorithm"
value="SHA-1"/>
<module-option name="hashEncoding"
value="base64"/>
</login-module>
</authentication>
</security-domain>
Stacktrace regarding UsersRolesLoginModule (instead of DatabaseServerLoginModule):
16:03:58,528 ERROR [org.jboss.security.auth.spi.UsersRolesLoginModule]
(http--127.0.0.1-8080-2) Failed to load users/passwords/role files: java.io.IOException:
No properties file: users.properties or defaults: defaultUsers.properties found
at org.jboss.security.auth.spi.Util.loadProperties(Util.java:227)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:188)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:202)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:129)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_26]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
[:1.6.0_26]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
[:1.6.0_26]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756) [:1.6.0_26]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [:1.6.0_26]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [:1.6.0_26]
at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [:1.6.0_26]
at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [:1.6.0_26]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:411)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:345)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:154)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:127)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:180)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:446)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.jboss.as.web.NamingValve.invoke(NamingValve.java:57)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:49)
[jboss-as-jpa-7.0.0.CR1.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:154)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:893)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:626)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:2054)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at java.lang.Thread.run(Thread.java:662) [:1.6.0_26]
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
7:10 a.m.
New subject: [JBoss JIRA] (AS7-1182) Incorrect security domain selected for web application.
[
https://issues.jboss.org/browse/AS7-1182?page=com.atlassian.jira.plugin.s...
]
Darran Lofthouse resolved AS7-1182.
-----------------------------------
Resolution: Duplicate Issue
Resolving as a duplicate as the two linked issues should have already addressed specifying
the domains in the descriptors.
Incorrect security domain selected for web application.
-------------------------------------------------------
Key: AS7-1182
URL: https://issues.jboss.org/browse/AS7-1182
Project: Application Server 7
Issue Type: Bug
Components: Security
Affects Versions: 7.0.0.CR1
Reporter: Juergen Zimmermann
Assignee: Darran Lofthouse
Fix For: Open To Community
Attachments: test.ear.zip, testcase-src.zip
I want to migrate from JBossAS 6 to 7.0.0.CR1. In standalone.xml I declare the following
security domain, but get the stacktrace (see below) looking for UsersRolesLoginModule
instead of DatabaseServerLoginModule.
Security domain in standalone.xml:
<security-domain name="swe2" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName"
value="java:/swe2DS"/>
<module-option name="unauthenticatedIdentity"
value="gast"/>
<module-option name="principalsQuery" value="SELECT
password FROM kunde WHERE username=?"/>
<module-option name="rolesQuery" value="SELECT role,
'Roles' FROM swe2_role r INNER JOIN kunde k ON r.kunde_fk = k.k_id WHERE
k.username=?"/>
<module-option name="hashAlgorithm"
value="SHA-1"/>
<module-option name="hashEncoding"
value="base64"/>
</login-module>
</authentication>
</security-domain>
Stacktrace regarding UsersRolesLoginModule (instead of DatabaseServerLoginModule):
16:03:58,528 ERROR [org.jboss.security.auth.spi.UsersRolesLoginModule]
(http--127.0.0.1-8080-2) Failed to load users/passwords/role files: java.io.IOException:
No properties file: users.properties or defaults: defaultUsers.properties found
at org.jboss.security.auth.spi.Util.loadProperties(Util.java:227)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:188)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:202)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:129)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_26]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
[:1.6.0_26]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
[:1.6.0_26]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756) [:1.6.0_26]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [:1.6.0_26]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [:1.6.0_26]
at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [:1.6.0_26]
at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [:1.6.0_26]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:411)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:345)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:154)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:127)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:180)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:446)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.jboss.as.web.NamingValve.invoke(NamingValve.java:57)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:49)
[jboss-as-jpa-7.0.0.CR1.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:154)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:893)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:626)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:2054)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at java.lang.Thread.run(Thread.java:662) [:1.6.0_26]
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
8:13 a.m.
New subject: [JBoss JIRA] (AS7-1182) Incorrect security domain selected for web application.
[
https://issues.jboss.org/browse/AS7-1182?page=com.atlassian.jira.plugin.s...
]
Darran Lofthouse updated AS7-1182:
----------------------------------
Fix Version/s: (was: Open To Community)
Incorrect security domain selected for web application.
-------------------------------------------------------
Key: AS7-1182
URL: https://issues.jboss.org/browse/AS7-1182
Project: Application Server 7
Issue Type: Bug
Components: Security
Affects Versions: 7.0.0.CR1
Reporter: Juergen Zimmermann
Assignee: Darran Lofthouse
Attachments: test.ear.zip, testcase-src.zip
I want to migrate from JBossAS 6 to 7.0.0.CR1. In standalone.xml I declare the following
security domain, but get the stacktrace (see below) looking for UsersRolesLoginModule
instead of DatabaseServerLoginModule.
Security domain in standalone.xml:
<security-domain name="swe2" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName"
value="java:/swe2DS"/>
<module-option name="unauthenticatedIdentity"
value="gast"/>
<module-option name="principalsQuery" value="SELECT
password FROM kunde WHERE username=?"/>
<module-option name="rolesQuery" value="SELECT role,
'Roles' FROM swe2_role r INNER JOIN kunde k ON r.kunde_fk = k.k_id WHERE
k.username=?"/>
<module-option name="hashAlgorithm"
value="SHA-1"/>
<module-option name="hashEncoding"
value="base64"/>
</login-module>
</authentication>
</security-domain>
Stacktrace regarding UsersRolesLoginModule (instead of DatabaseServerLoginModule):
16:03:58,528 ERROR [org.jboss.security.auth.spi.UsersRolesLoginModule]
(http--127.0.0.1-8080-2) Failed to load users/passwords/role files: java.io.IOException:
No properties file: users.properties or defaults: defaultUsers.properties found
at org.jboss.security.auth.spi.Util.loadProperties(Util.java:227)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:188)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:202)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:129)
[picketbox-4.0.0.CR1.jar:4.0.0.CR1]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_26]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
[:1.6.0_26]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
[:1.6.0_26]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756) [:1.6.0_26]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [:1.6.0_26]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [:1.6.0_26]
at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_26]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [:1.6.0_26]
at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [:1.6.0_26]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:411)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:345)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:154)
[picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:127)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:180)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:446)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.jboss.as.web.NamingValve.invoke(NamingValve.java:57)
[jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
at
org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:49)
[jboss-as-jpa-7.0.0.CR1.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:154)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:893)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at
org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:626)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:2054)
[jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
at java.lang.Thread.run(Thread.java:662) [:1.6.0_26]
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
5196
days inactive
5443
days old
16 comments
5 participants
participants (5)
-
Darran Lofthouse (JIRA) -
jaikiran pai (JIRA)
-
Jason Greene (Commented) (JIRA)
-
Jason Greene (Updated) (JIRA)
-
Juergen Zimmermann (JIRA)