[Security & JAAS/JBoss] - Re: Error 403 when using DatabaseServerLoginModule
by yj4jboss
Hello jaikiran,
Thnx for helping me with the debugging.....I managed to get the logs...Wat i fail to understand is why is the user role not assigned to the principal ??
|
| 20:01:05,265 TRACE [jaastest] Begin isValid, principal:admin, cache info: null
| 20:01:05,265 TRACE [jaastest] defaultLogin, principal=admin
| 20:01:05,265 TRACE [XMLLoginConfigImpl] Begin getAppConfigurationEntry(jaastest), size=10
| 20:01:05,265 TRACE [XMLLoginConfigImpl] End getAppConfigurationEntry(jaastest), authInfo=AppConfigurationEntry[]:
| [0]
| LoginModule Class: org.jboss.security.auth.spi.DatabaseServerLoginModule
| ControlFlag: LoginModuleControlFlag: required
| Options:name=rolesProperties, value=SELECT role from roles where principalId=?
| name=usersProperties, value=SELECT password for principals WHERE principalId=?
| name=dsJndiName, value=java:/jaastestDatasource
|
| 20:01:05,265 DEBUG [WebappClassLoader] loadClass(org.jboss.security.auth.spi.DatabaseServerLoginModule, false)
| 20:01:05,265 DEBUG [WebappClassLoader] Searching local repositories
| 20:01:05,265 DEBUG [WebappClassLoader] findClass(org.jboss.security.auth.spi.DatabaseServerLoginModule)
| 20:01:05,265 DEBUG [WebappClassLoader] Delegating to parent classloader at end: java.net.FactoryURLClassLoader@188689a
| 20:01:05,265 DEBUG [WebappClassLoader] Loading class from parent
| 20:01:05,265 DEBUG [WebappClassLoader] loadClass(org.jboss.util.naming.NonSerializableFactory, false)
| 20:01:05,265 DEBUG [WebappClassLoader] Searching local repositories
| 20:01:05,265 DEBUG [WebappClassLoader] findClass(org.jboss.util.naming.NonSerializableFactory)
| 20:01:05,265 DEBUG [WebappClassLoader] Delegating to parent classloader at end: java.net.FactoryURLClassLoader@188689a
| 20:01:05,265 DEBUG [WebappClassLoader] Loading class from parent
| 20:01:05,281 TRACE [jaastest] defaultLogin, lc=javax.security.auth.login.LoginContext@d72e3f, subject=Subject(18693899).principals=org.jboss.security.SimplePrincipal@17050661(admin)org.jboss.security.SimpleGroup@12759622(Admin(members:Admin))
| 20:01:05,281 TRACE [jaastest] updateCache, inputSubject=Subject(18693899).principals=org.jboss.security.SimplePrincipal@17050661(admin)org.jboss.security.SimpleGroup@12759622(Admin(members:Admin)), cacheSubject=Subject(18223014).principals=org.jboss.security.SimplePrincipal@17050661(admin)org.jboss.security.SimpleGroup@12759622(Admin(members:Admin))
| 20:01:05,281 TRACE [jaastest] Inserted cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@15d84e0[Subject(18223014).principals=org.jboss.security.SimplePrincipal@17050661(admin)org.jboss.security.SimpleGroup@12759622(Admin(members:Admin)),credential.class=java.lang.String@31598780,expirationTime=1162571435218]
| 20:01:05,281 TRACE [jaastest] End isValid, true
| 20:01:05,281 TRACE [JBossSecurityMgrRealm] User: admin is authenticated
| 20:01:05,281 TRACE [SecurityAssociation] pushSubjectContext, subject=Subject:
| Principal: admin
| Principal: Admin(members:Admin)
| , sc=org.jboss.security.SecurityAssociation$SubjectContext@becf73{principal=admin,subject=19247740}
| 20:01:05,281 TRACE [jaastest] getPrincipal, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@15d84e0[Subject(18223014).principals=org.jboss.security.SimplePrincipal@17050661(admin)org.jboss.security.SimpleGroup@12759622(Admin(members:Admin)),credential.class=java.lang.String@31598780,expirationTime=1162571435218]
| 20:01:05,281 TRACE [JBossSecurityMgrRealm] Mapped from input principal: adminto: admin
| 20:01:05,281 TRACE [SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext@becf73{principal=admin,subject=19247740}
| 20:01:05,281 TRACE [jaastest] getUserRoles, subject: Subject:
| Principal: admin
| Principal: Admin(members:Admin)
|
| 20:01:05,281 TRACE [JBossSecurityMgrRealm] End authenticate, principal=GenericPrincipal[admin()]
| 20:01:05,281 DEBUG [AuthenticatorBase] Authenticated 'admin' with type 'BASIC'
| 20:01:05,281 DEBUG [AuthenticatorBase] Calling accessControl()
| 20:01:05,281 TRACE [JBossSecurityMgrRealm] Checking roles GenericPrincipal[admin()]
| 20:01:05,281 DEBUG [RealmBase] Username admin does NOT have role user
| 20:01:05,281 TRACE [JBossSecurityMgrRealm] No role found: user
| 20:01:05,281 TRACE [JBossSecurityMgrRealm] Checking for all roles mode: authOnly
| 20:01:05,281 DEBUG [AuthenticatorBase] Failed accessControl() test
| 20:01:05,281 TRACE [SecurityAssociation] clear, server=true
|
|
Is something missing in my configs, bcoz the correct user seams to be authenticated .....its only the user role which is not being found ??
Thnx in advance.
Regards,
Jankee Yogesh
http://www.m-itc.net
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3983009#3983009
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3983009
19Â years, 6Â months
[JCA/JBoss] - JBoss MS SQL Server DataSource Exception
by danielkalcevich
I have tried posting a question similar to this one in a different thread, but got no response, so I thought I would try explaining it a different way. I am attempting to declare a DataSource in JBoss for MS SQL Server DB to the "/mdc" namespace in the JNDI. I am receiving an exception (shown below) when I try to access that DataSource through an app deployed in the Tomcat Service (in JBoss).
My question is what does this exception mean and what can I do to fix it? For more context, my web app is running Spring with Ibatis 2.2.0. Thanks.
Daniel
--------
Data Source:
<local-tx-datasource>
<jndi-name>mdc</jndi-name>
<connection-url>jdbc:inetdae7:server:1433?database=MDC</connection-url>
<driver-class>com.inet.tds.TdsDriver</driver-class>
<user-name>xxxx</user-name>
xxx
<type-mapping>MS SQLSERVER2000</type-mapping>
</local-tx-datasource>
-----
JBoss Web Resource Ref:
<resource-ref>
<res-ref-name>mdc</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<jndi-name>java:/mdc</jndi-name>
</resource-ref>
-----------
Exception:
Caused by: java.lang.IllegalAccessException: Method=public abstract java.sql.Connection java.sql.Statement.getConnection() throws java.sql.SQLException does not return Serializable
at org.jboss.resource.adapter.jdbc.remote.WrapperDataSourceService.doStatementMethod(WrapperDataSourceService.java:411)
at org.jboss.resource.adapter.jdbc.remote.WrapperDataSourceService.invoke(WrapperDataSourceService.java:223)
at sun.reflect.GeneratedMethodAccessor127.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
at org.jboss.invocation.jrmp.server.JRMPInvoker$MBeanServerAction.invoke(JRMPInvoker.java:819)
at org.jboss.invocation.jrmp.server.JRMPInvoker.invoke(JRMPInvoker.java:420)
at sun.reflect.GeneratedMethodAccessor126.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:294)
at sun.rmi.transport.Transport$1.run(Transport.java:153)
at java.security.AccessController.doPrivileged(Native Method)
at sun.rmi.transport.Transport.serviceCall(Transport.java:149)
at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:460)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:701)
at java.lang.Thread.run(Thread.java:595)
at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:247)
at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:223)
at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:126)
at org.jboss.invocation.jrmp.server.JRMPInvoker_Stub.invoke(Unknown Source)
at org.jboss.invocation.jrmp.interfaces.JRMPInvokerProxy.invoke(JRMPInvokerProxy.java:133)
at org.jboss.invocation.InvokerInterceptor.invokeInvoker(InvokerInterceptor.java:365)
at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:197)
at org.jboss.proxy.ClientMethodInterceptor.invoke(ClientMethodInterceptor.java:74)
at org.jboss.resource.adapter.jdbc.remote.StatementInterceptor.invoke(StatementInterceptor.java:58)
at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:100)
... 119 more
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3983005#3983005
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3983005
19Â years, 6Â months
[JBoss Seam] - jBPM and @Unwrap question
by bsmithjj
Hello,
I am trying to come up with a pattern for initializing the Seam Actor for jBPM in my system. There is no login action in my system - we're authenticating using a custom Tomcat Valve (integration with an enterprise SSO system). So I tried to use the @Unwrap approach here:
| @Name("initjBPMActor")
| public class InitjBPMActor {
|
| @Logger Log log;
|
| @In
| private Principal userPrincipal;
|
| @Unwrap
| public Actor getActor() {
| // get an instance of Actor, set it's id using the userPrincipal.name value
| Actor actor = Actor.instance();
| actor.setId(userPrincipal.getName());
| log.info("getActor() : Actor -> "+actor);
| // todo - remove logging...
| return actor;
| }
| }
|
I have a SFSB in which the Actor is @In'jected. When I invoke a method that uses the actor, it doesn't seem that getActor() is ever called (I don't see the log.info() message in my logging output). Furthermore, I think that this attempt to @Unwrap the Actor is causing problems with Seam, because once I attempt to invoke a method in my SFSB which does nothing but log.info()'s, I do not see output of the log.info()'s and the test case appears to fail (SeamTest).
If it's not possible to use Actor with @Unwrap (because it gets special handling by Seam), then is it possible to specify that the Actor ALWAYS gets its id from userPrincipal.name? (i.e. - some kind of default strategy - maybe it's a good idea to provide a few different strategies in the framework to pick from, including a custom strategy).
Thanks,
Brad Smith
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3983004#3983004
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3983004
19Â years, 6Â months
[JBoss Messaging] - EJB3 MDB stopped working
by jaink
Hi,
Tried posting this on EJB3.0 forum but may be this is better forum for this issue
Basically, EJB3 MDBs which were working fine with JBoss 4.0.4.GA, JBoss Messaging1.0.1.CR5 and EJB3 RC8 have stopped working with EJB3 RC9.
Tried also running the example EJB3MDB that comes with JBoss Messaging and got the same exception
10:49:25,242 WARN [ServiceController] Problem starting service jboss.j2ee:jar=m
db-example.ejb3,name=EJB3MDBExample,service=EJB3
java.lang.NullPointerException
at org.jboss.ejb3.mdb.MDB.getMessagingType(MDB.java:85)
at org.jboss.ejb3.mdb.inflow.JBossMessageEndpointFactory.resolveMessageL
istener(JBossMessageEndpointFactory.java:241)
The MDB implements just the MessageListener interface so this really puzzling.
Thanks for the help.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3983003#3983003
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3983003
19Â years, 6Â months