10:11 a.m.
JAAS domain not found on long running tests
-------------------------------------------
Key: SECURITY-491
URL: https://jira.jboss.org/jira/browse/SECURITY-491
Project: PicketBox (JBoss Security and Identity Management)
Issue Type: Bug
Security Level: Public (Everyone can see)
Environment: JBoss AS trunk
Reporter: Jeff Mesnil
Assignee: Anil Saldhana
When running JMS TCK tests, at some point in time, I've got a trace about the JAAS
domain being not found:
11:32:58,049 TRACE [org.jboss.security.plugins.mapping.JBossMappingManager] Application
Policy not found for domain=java:/jaas/cts.Mapping framework will use the default
domain:other
And then subsequent authentication fails:
11:33:50,487 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] logout
11:33:55,200 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin
getAppConfigurationEntry(cts), size=15
11:33:55,958 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End
getAppConfigurationEntry(cts), authInfo=AppConfigurationEntry[]:
[0]
LoginModule Class: org.jboss.security.auth.spi.UsersRolesLoginModule
ControlFlag: LoginModuleControlFlag : required
Options:
name=usersProperties, value=cts-users.properties
name=unauthenticatedIdentity, value=cts-user
name=rolesProperties, value=cts-roles.properties
name=password-stacking, value=useFirstPass
11:34:06,984 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.cts] Login
failure: javax.security.auth.login.LoginException: classe LoginModule introuvable :
org.jboss.security.auth.spi.UsersRolesLoginModule
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:808)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at
org.jboss.security.plugins.auth.JaasSecurityManagerBase.defaultLogin(JaasSecurityManagerBase.java:553)
at
org.jboss.security.plugins.auth.JaasSecurityManagerBase.authenticate(JaasSecurityManagerBase.java:487)
at
org.jboss.security.plugins.auth.JaasSecurityManagerBase.isValid(JaasSecurityManagerBase.java:365)
at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:160)
at
org.hornetq.integration.jboss.security.JBossASSecurityManager.validateUser(JBossASSecurityManager.java:81)
at
org.hornetq.core.security.impl.SecurityStoreImpl.authenticate(SecurityStoreImpl.java:128)
...
There are no other org.jboss.security logs before that one.
Previously, a NPE was raised but it was fixed by
https://jira.jboss.org/jira/browse/SECURITY-484.
Still, the root issue is that somehow the AS does not find the Application policy for the
domain for some reasons.
The only hint I have is that happens when running the tests for a long period of time (1h
or more). If I restart the AS server and run the failing tests, they all pass.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
2:36 p.m.
New subject: [JBoss JIRA] Commented: (SECURITY-491) JAAS domain not found on long running tests
[
https://jira.jboss.org/jira/browse/SECURITY-491?page=com.atlassian.jira.p...
]
Scott Marlow commented on SECURITY-491:
---------------------------------------
Is this related to JBAS-7946?
JAAS domain not found on long running tests
-------------------------------------------
Key: SECURITY-491
URL: https://jira.jboss.org/jira/browse/SECURITY-491
Project: PicketBox (JBoss Security and Identity Management)
Issue Type: Bug
Security Level: Public(Everyone can see)
Environment: JBoss AS trunk
Reporter: Jeff Mesnil
Assignee: Anil Saldhana
When running JMS TCK tests, at some point in time, I've got a trace about the JAAS
domain being not found:
11:32:58,049 TRACE [org.jboss.security.plugins.mapping.JBossMappingManager] Application
Policy not found for domain=java:/jaas/cts.Mapping framework will use the default
domain:other
And then subsequent authentication fails:
11:33:50,487 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] logout
11:33:55,200 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin
getAppConfigurationEntry(cts), size=15
11:33:55,958 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End
getAppConfigurationEntry(cts), authInfo=AppConfigurationEntry[]:
[0]
LoginModule Class: org.jboss.security.auth.spi.UsersRolesLoginModule
ControlFlag: LoginModuleControlFlag : required
Options:
name=usersProperties, value=cts-users.properties
name=unauthenticatedIdentity, value=cts-user
name=rolesProperties, value=cts-roles.properties
name=password-stacking, value=useFirstPass
11:34:06,984 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.cts] Login
failure: javax.security.auth.login.LoginException: classe LoginModule introuvable :
org.jboss.security.auth.spi.UsersRolesLoginModule
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:808)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at
org.jboss.security.plugins.auth.JaasSecurityManagerBase.defaultLogin(JaasSecurityManagerBase.java:553)
at
org.jboss.security.plugins.auth.JaasSecurityManagerBase.authenticate(JaasSecurityManagerBase.java:487)
at
org.jboss.security.plugins.auth.JaasSecurityManagerBase.isValid(JaasSecurityManagerBase.java:365)
at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:160)
at
org.hornetq.integration.jboss.security.JBossASSecurityManager.validateUser(JBossASSecurityManager.java:81)
at
org.hornetq.core.security.impl.SecurityStoreImpl.authenticate(SecurityStoreImpl.java:128)
...
There are no other org.jboss.security logs before that one.
Previously, a NPE was raised but it was fixed by
https://jira.jboss.org/jira/browse/SECURITY-484.
Still, the root issue is that somehow the AS does not find the Application policy for the
domain for some reasons.
The only hint I have is that happens when running the tests for a long period of time (1h
or more). If I restart the AS server and run the failing tests, they all pass.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
3:16 a.m.
New subject: [JBoss JIRA] Commented: (SECURITY-491) JAAS domain not found on long running tests
[
https://jira.jboss.org/jira/browse/SECURITY-491?page=com.atlassian.jira.p...
]
Jeff Mesnil commented on SECURITY-491:
--------------------------------------
this is a cause of JBAS-7946.
The log above are when I ran the TCK's jms tests.
For a lot of tests, authentication passes and after some time, this JAAS issue appears and
all following authentications fail with a JMSSecurityException thrown to the client.
JAAS domain not found on long running tests
-------------------------------------------
Key: SECURITY-491
URL: https://jira.jboss.org/jira/browse/SECURITY-491
Project: PicketBox (JBoss Security and Identity Management)
Issue Type: Bug
Security Level: Public(Everyone can see)
Environment: JBoss AS trunk
Reporter: Jeff Mesnil
Assignee: Anil Saldhana
When running JMS TCK tests, at some point in time, I've got a trace about the JAAS
domain being not found:
11:32:58,049 TRACE [org.jboss.security.plugins.mapping.JBossMappingManager] Application
Policy not found for domain=java:/jaas/cts.Mapping framework will use the default
domain:other
And then subsequent authentication fails:
11:33:50,487 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] logout
11:33:55,200 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin
getAppConfigurationEntry(cts), size=15
11:33:55,958 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End
getAppConfigurationEntry(cts), authInfo=AppConfigurationEntry[]:
[0]
LoginModule Class: org.jboss.security.auth.spi.UsersRolesLoginModule
ControlFlag: LoginModuleControlFlag : required
Options:
name=usersProperties, value=cts-users.properties
name=unauthenticatedIdentity, value=cts-user
name=rolesProperties, value=cts-roles.properties
name=password-stacking, value=useFirstPass
11:34:06,984 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.cts] Login
failure: javax.security.auth.login.LoginException: classe LoginModule introuvable :
org.jboss.security.auth.spi.UsersRolesLoginModule
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:808)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at
org.jboss.security.plugins.auth.JaasSecurityManagerBase.defaultLogin(JaasSecurityManagerBase.java:553)
at
org.jboss.security.plugins.auth.JaasSecurityManagerBase.authenticate(JaasSecurityManagerBase.java:487)
at
org.jboss.security.plugins.auth.JaasSecurityManagerBase.isValid(JaasSecurityManagerBase.java:365)
at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:160)
at
org.hornetq.integration.jboss.security.JBossASSecurityManager.validateUser(JBossASSecurityManager.java:81)
at
org.hornetq.core.security.impl.SecurityStoreImpl.authenticate(SecurityStoreImpl.java:128)
...
There are no other org.jboss.security logs before that one.
Previously, a NPE was raised but it was fixed by
https://jira.jboss.org/jira/browse/SECURITY-484.
Still, the root issue is that somehow the AS does not find the Application policy for the
domain for some reasons.
The only hint I have is that happens when running the tests for a long period of time (1h
or more). If I restart the AS server and run the failing tests, they all pass.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
9:37 a.m.
New subject: [JBoss JIRA] Commented: (SECURITY-491) JAAS domain not found on long running tests
[
https://jira.jboss.org/jira/browse/SECURITY-491?page=com.atlassian.jira.p...
]
Clebert Suconic commented on SECURITY-491:
------------------------------------------
Can someone close this JIRA? The real issue was HORNETQ-366. After fixed the TCK is
passing fine without any security issues.
I would do it but I have lost privileges on most projects.
JAAS domain not found on long running tests
-------------------------------------------
Key: SECURITY-491
URL: https://jira.jboss.org/jira/browse/SECURITY-491
Project: PicketBox (JBoss Security and Identity Management)
Issue Type: Bug
Security Level: Public(Everyone can see)
Environment: JBoss AS trunk
Reporter: Jeff Mesnil
Assignee: Anil Saldhana
When running JMS TCK tests, at some point in time, I've got a trace about the JAAS
domain being not found:
11:32:58,049 TRACE [org.jboss.security.plugins.mapping.JBossMappingManager] Application
Policy not found for domain=java:/jaas/cts.Mapping framework will use the default
domain:other
And then subsequent authentication fails:
11:33:50,487 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] logout
11:33:55,200 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin
getAppConfigurationEntry(cts), size=15
11:33:55,958 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End
getAppConfigurationEntry(cts), authInfo=AppConfigurationEntry[]:
[0]
LoginModule Class: org.jboss.security.auth.spi.UsersRolesLoginModule
ControlFlag: LoginModuleControlFlag : required
Options:
name=usersProperties, value=cts-users.properties
name=unauthenticatedIdentity, value=cts-user
name=rolesProperties, value=cts-roles.properties
name=password-stacking, value=useFirstPass
11:34:06,984 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.cts] Login
failure: javax.security.auth.login.LoginException: classe LoginModule introuvable :
org.jboss.security.auth.spi.UsersRolesLoginModule
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:808)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at
org.jboss.security.plugins.auth.JaasSecurityManagerBase.defaultLogin(JaasSecurityManagerBase.java:553)
at
org.jboss.security.plugins.auth.JaasSecurityManagerBase.authenticate(JaasSecurityManagerBase.java:487)
at
org.jboss.security.plugins.auth.JaasSecurityManagerBase.isValid(JaasSecurityManagerBase.java:365)
at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:160)
at
org.hornetq.integration.jboss.security.JBossASSecurityManager.validateUser(JBossASSecurityManager.java:81)
at
org.hornetq.core.security.impl.SecurityStoreImpl.authenticate(SecurityStoreImpl.java:128)
...
There are no other org.jboss.security logs before that one.
Previously, a NPE was raised but it was fixed by
https://jira.jboss.org/jira/browse/SECURITY-484.
Still, the root issue is that somehow the AS does not find the Application policy for the
domain for some reasons.
The only hint I have is that happens when running the tests for a long period of time (1h
or more). If I restart the AS server and run the failing tests, they all pass.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
10:06 a.m.
New subject: [JBoss JIRA] Closed: (SECURITY-491) JAAS domain not found on long running tests
[
https://jira.jboss.org/jira/browse/SECURITY-491?page=com.atlassian.jira.p...
]
Anil Saldhana closed SECURITY-491.
----------------------------------
Fix Version/s: PicketBox_v3_0_beta5
Resolution: Rejected
JAAS domain not found on long running tests
-------------------------------------------
Key: SECURITY-491
URL: https://jira.jboss.org/jira/browse/SECURITY-491
Project: PicketBox (JBoss Security and Identity Management)
Issue Type: Bug
Security Level: Public(Everyone can see)
Environment: JBoss AS trunk
Reporter: Jeff Mesnil
Assignee: Anil Saldhana
Fix For: PicketBox_v3_0_beta5
When running JMS TCK tests, at some point in time, I've got a trace about the JAAS
domain being not found:
11:32:58,049 TRACE [org.jboss.security.plugins.mapping.JBossMappingManager] Application
Policy not found for domain=java:/jaas/cts.Mapping framework will use the default
domain:other
And then subsequent authentication fails:
11:33:50,487 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] logout
11:33:55,200 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin
getAppConfigurationEntry(cts), size=15
11:33:55,958 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End
getAppConfigurationEntry(cts), authInfo=AppConfigurationEntry[]:
[0]
LoginModule Class: org.jboss.security.auth.spi.UsersRolesLoginModule
ControlFlag: LoginModuleControlFlag : required
Options:
name=usersProperties, value=cts-users.properties
name=unauthenticatedIdentity, value=cts-user
name=rolesProperties, value=cts-roles.properties
name=password-stacking, value=useFirstPass
11:34:06,984 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.cts] Login
failure: javax.security.auth.login.LoginException: classe LoginModule introuvable :
org.jboss.security.auth.spi.UsersRolesLoginModule
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:808)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at
org.jboss.security.plugins.auth.JaasSecurityManagerBase.defaultLogin(JaasSecurityManagerBase.java:553)
at
org.jboss.security.plugins.auth.JaasSecurityManagerBase.authenticate(JaasSecurityManagerBase.java:487)
at
org.jboss.security.plugins.auth.JaasSecurityManagerBase.isValid(JaasSecurityManagerBase.java:365)
at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:160)
at
org.hornetq.integration.jboss.security.JBossASSecurityManager.validateUser(JBossASSecurityManager.java:81)
at
org.hornetq.core.security.impl.SecurityStoreImpl.authenticate(SecurityStoreImpl.java:128)
...
There are no other org.jboss.security logs before that one.
Previously, a NPE was raised but it was fixed by
https://jira.jboss.org/jira/browse/SECURITY-484.
Still, the root issue is that somehow the AS does not find the Application policy for the
domain for some reasons.
The only hint I have is that happens when running the tests for a long period of time (1h
or more). If I restart the AS server and run the failing tests, they all pass.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
5353
days inactive
5382
days old
4 comments
4 participants
participants (4)
-
Anil Saldhana (JIRA) -
Clebert Suconic (JIRA)
-
Jeff Mesnil (JIRA)
-
Scott Marlow (JIRA)