Hi guys,
I have many applications with use JAAS. When the
client invoke Action “login”, I get the following error:
2007-09-13 09:19:05,510
DEBUG [AgendaCorporativa.model.br.com.xxx.fwp.control.LoginAction] execute() -
action: LOGIN
2007-09-13 09:19:05,520
DEBUG [AgendaCorporativa.model.br.com.xxxx.fwp.control.LoginAction] execute() -
voTela: {action=LOGIN, j_username=,
excluirMultiplos=[Ljava.lang.String;@1614ee3, page=1, j_password=}
2007-09-13 09:19:05,535
ERROR [AgendaCorporativa.model.br.com.xxxx.fwp.control.LoginAction]
jboss.security:service=JaasSecurityManager
javax.management.InstanceNotFoundException:
jboss.security:service=JaasSecurityManager
at
com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.getMBean(DefaultMBeanServerInterceptor.java:1010)
at
com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:804)
at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:784)
at br.com.unimed.fwp.control.LoginAction.doActionLogIn(LoginAction.java:198)
above the partial code the my application and login-config.xml
String
domain = "jmx-console";
Principal
user = new FwpPrincipal(login, null);
ObjectName
jaasMgr = new ObjectName(
"jboss.security:service=JaasSecurityManager");
Object[]
params = { domain, user };
String[]
signature = { "java.lang.String", Principal.class.getName() };
MBeanServer
server = (MBeanServer) MBeanServerFactory.findMBeanServer(
null).get(0);
server.invoke(jaasMgr,
"flushAuthenticationCache", params, signature);
JaasSecurityManager
jaas = (JaasSecurityManager) ServiceLocator
.getInstance().getService(“java:/jaas/fwp-security”);
jaas.flushCache();
login-config.xml:
<?xml version='1.0'?>
<!DOCTYPE policy PUBLIC
"-//JBoss//DTD
JBOSS Security Config 3.0//EN"
"http://www.jboss.org/j2ee/dtd/security_config.dtd">
<!-- The XML based JAAS login configuration read
by the
org.jboss.security.auth.login.XMLLoginConfig mbean.
Add
an application-policy element for each security
domain.
The outline of the application-policy is:
<application-policy
name="security-domain-name">
<authentication>
<login-module
code="login.module1.class.name" flag="control_flag">
<module-option name
= "option1-name">option1-value</module-option>
<module-option name
= "option2-name">option2-value</module-option>
...
</login-module>
<login-module
code="login.module2.class.name" flag="control_flag">
...
</login-module>
...
</authentication>
</application-policy>
$Revision: 1.12.2.2 $
-->
<policy>
<!-- Used by clients within the
application server VM such as
mbeans and servlets that access
EJBs.
-->
<application-policy name =
"client-login">
<authentication>
<login-module code =
"org.jboss.security.ClientLoginModule"
flag = "required">
</login-module>
</authentication>
</application-policy>
<application-policy
name="fwp-security">
<authentication>
<login-module
code="org.jboss.security.ClientLoginModule" flag="required"
>
</login-module>
<login-module
code="br.com.unimed.fwp.security.loginmodule.FwpLoginModule
" flag="required">
</login-module>
</authentication>
</application-policy>
<!-- Security domain for
JBossMQ -->
<application-policy name =
"jbossmq">
<authentication>
<login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag = "required">
<module-option name =
"unauthenticatedIdentity">guest</module-option>
<module-option name =
"dsJndiName">java:/mysql-jbossdb</module-option>
<module-option name = "principalsQuery">SELECT PASSWD FROM
JMS_USERS WHERE USERID=?<
/module-option>
<module-option name = "rolesQuery">SELECT ROLEID, 'Roles' FROM
JMS_ROLES WHERE USERI
D=?</module-option>
</login-module>
</authentication>
</application-policy>
<!-- Security domain for
JBossMQ when using file-state-service.xml
<application-policy name =
"jbossmq">
<authentication>
<login-module code = "org.jboss.mq.sm.file.DynamicLoginModule"
flag = "required">
<module-option name =
"unauthenticatedIdentity">guest</module-option>
<module-option name = "sm.objectname">jboss.mq:service=StateManager</module-option>
</login-module>
</authentication>
</application-policy>
-->
<!-- Security domains for
testing new jca framework -->
<application-policy name =
"HsqlDbRealm">
<authentication>
<login-module code =
"org.jboss.resource.security.ConfiguredIdentityLoginModule"
flag = "required">
<module-option name = "principal">sa</module-option>
<module-option name = "userName">sa</module-option>
<module-option name = "password"></module-option>
<module-option name =
"managedConnectionFactoryName">jboss.jca:service=LocalTxCM,nam
e=DefaultDS</module-option>
</login-module>
</authentication>
</application-policy>
<application-policy name =
"JmsXARealm">
<authentication>
<login-module code =
"org.jboss.resource.security.ConfiguredIdentityLoginModule"
flag = "required">
<module-option name = "principal">guest</module-option>
<module-option name = "userName">guest</module-option>
<module-option name = "password">guest</module-option>
<module-option name =
"managedConnectionFactoryName">jboss.jca:service=TxCM,name=Jms
XA</module-option>
</login-module>
</authentication>
</application-policy>
<!-- A template configuration
for the jmx-console web application. This
defaults to the
UsersRolesLoginModule the same as other and should be
changed to a stronger
authentication mechanism as required.
-->
<application-policy name =
"jmx-console">
<authentication>
<login-module
code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag = "required">
<module-option name="usersProperties">props/jmx-console-users.properties</module-optio
n>
<module-option
name="rolesProperties">props/jmx-console-roles.properties</module-optio
n>
</login-module>
</authentication>
</application-policy>
<!-- A template configuration
for the web-console web application. This
defaults to the
UsersRolesLoginModule the same as other and should be
changed to a stronger
authentication mechanism as required.
-->
<application-policy name =
"web-console">
<authentication>
<login-module
code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag = "required">
<module-option
name="usersProperties">web-console-users.properties</module-option>
<module-option
name="rolesProperties">web-console-roles.properties</module-option>
</login-module>
</authentication>
</application-policy>
<!-- A template configuration
for the JBossWS web application (and transport layer!).
This defaults to the UsersRolesLoginModule the same
as other and should be
changed to a stronger
authentication mechanism as required.
-->
<application-policy
name="JBossWS">
<authentication>
<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag="required">
<module-option
name="unauthenticatedIdentity">anonymous</module-option>
</login-module>
</authentication>
</application-policy>
<!-- The default login
configuration used by any security domain that
does not have a application-policy
entry with a matching name
-->
<application-policy name =
"other">
<!-- A simple
server login module, which can be used when the number
of users is
relatively small. It uses two properties files:
users.properties, which holds users (key) and their password (value).
roles.properties, which holds users (key) and a comma-separated list of
their roles
(value).
The
unauthenticatedIdentity property defines the name of the principal
that will be
used when a null username and password are presented as is
the case for an
unuathenticated web client or MDB. If you want to
allow such users
to be authenticated add the property, e.g.,
unauthenticatedIdentity="nobody"
-->
<authentication>
<login-module code =
"org.jboss.security.auth.spi.UsersRolesLoginModule"
flag = "required" />
</authentication>
</application-policy>
<!--
Modulo de autenticacao especifico do chat -->
The unauthenticatedIdentity
property defines the name of the principal
that will be
used when a null username and password are presented as is
the case for an
unuathenticated web client or MDB. If you want to
allow such users
to be authenticated add the property, e.g.,
unauthenticatedIdentity="nobody"
-->
<authentication>
<login-module code =
"org.jboss.security.auth.spi.UsersRolesLoginModule"
flag = "required" />
</authentication>
</application-policy>
<!--
Modulo de autenticacao especifico do chat -->
<application-policy
name="fwp_chat-security">
<authentication>
<login-module code="org.jboss.security.ClientLoginModule"
flag="required">
</login-module>
<login-module
code="br.com.unimed.chatcorporativo.security.loginmodule.ChatLoginMod
ule" flag="required">
</login-module>
</authentication>
</application-policy>
<!-- Configuracao do Lambda Probe -->
<application-policy name =
"probe">
<authentication>
<login-module
code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag =
"required">
<module-option name="usersProperties">props/probe-users.properties</module-option>
<module-option
name="rolesProperties">props/probe-roles.properties</module-option>
</login-module>
</authentication>
</application-policy>
</policy>
Any idea on the issue?
Tks
- - - - - - -
Claudemir Ferreira Franco
Analista Suporte Unix
BrasilTelecom Site III - CyberDatacenter