[jboss-dev-forums] [PicketBox Development] - Authentication failed using DatabaseServerLoginModule

Ricardo Marini do-not-reply at jboss.com
Fri Dec 21 10:20:48 EST 2012 

Ricardo Marini [https://community.jboss.org/people/rmarini] created the discussion

"Authentication failed using DatabaseServerLoginModule"

To view the discussion, visit: https://community.jboss.org/message/784490#784490

--------------------------------------------------------------
Hi all.

I'm trying to use the DatabaseServerLoginModule, but isn't working. I found many examples like this.
What is wrong?

I've in my standalone.xml:
                ...
                <security-domain name="TestSecurityDomain" cache-type="default">
                    <authentication>
                        <login-module code="Remoting" flag="optional">
                            <module-option name="password-stacking" value="useFirstPass"/>
                        </login-module>
                        <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
                            <module-option name="dsJndiName" value="java:jboss/datasources/MysqlDS"/>
                            <module-option name="principalsQuery" value="select u_password from users where u_name=?"/>
                            <module-option name="rolesQuery" value="select u_profile_name, 'Roles' from user_profile where u_name=?"/>
                            <module-option name="password-stacking" value="useFirstPass"/>
                        </login-module>
                    </authentication>
                </security-domain>
                ...
                <datasource jndi-name="java:jboss/datasources/MysqlDS" pool-name="MysqlDS" enabled="true" use-java-context="true">
                    <connection-url>jdbc:mysql://localhost:3306/teste</connection-url>
                    <driver>mysql</driver>
                    <security>
                        <user-name>user_db</user-name>
                        <password>pass_db</password>
                    </security>
                    <statement>
                        <prepared-statement-cache-size>100</prepared-statement-cache-size>
                        <share-prepared-statements>true</share-prepared-statements>
                    </statement>
                </datasource>
                ...
            <security-realm name="TestApplicationRealm">
                <authentication>
                     <jaas name="TestSecurityDomain"/>
                </authentication>
            </security-realm>
        ...
        <subsystem xmlns="urn:jboss:domain:remoting:1.1">
            <connector name="remoting-connector" socket-binding="remoting" security-realm="TestApplicationRealm"/>
        </subsystem>

In the jboss-app.xml:
<security-domain>TestSecurityDomain</security-domain>

In the client side:
jboss-ejb-client.properties:
endpoint.name=client-endpoint
remote.connections=default
remote.connection.default.host=localhost
remote.connection.default.port=4447
remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=true
remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER
remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT=false
remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false

lookup class:
   Hashtable envTable = new Hashtable();
   envTable.put(Context.URL_PKG_PREFIXES,
     "org.jboss.ejb.client.naming");
   envTable.put(Context.INITIAL_CONTEXT_FACTORY,
     "org.jboss.naming.remote.client.InitialContextFactory");
   envTable.put(Context.PROVIDER_URL, "remote://localhost:4447");
   envTable.put(Context.SECURITY_PRINCIPAL, "rmarini");
   envTable.put(Context.SECURITY_CREDENTIALS, "rmarini1");
   envTable.put("jboss.naming.client.ejb.context", true);
   Context context = new InitialContext(envTable);

When I run the client, returns this exception:
INFO: JBoss Remoting version 3.2.3.GA
21/12/2012 10:57:57 org.jboss.remoting3.remote.RemoteConnection handleException
ERROR: JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
javax.naming.NamingException: Failed to create remoting connection [Root exception is java.lang.RuntimeException: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed]
 at org.jboss.naming.remote.client.ClientUtil.namingException(ClientUtil.java:36)
 at org.jboss.naming.remote.client.InitialContextFactory.getInitialContext(InitialContextFactory.java:121)
 at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
 at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
 at javax.naming.InitialContext.init(InitialContext.java:223)
 at javax.naming.InitialContext.<init>(InitialContext.java:197)
    ...
Caused by: java.lang.RuntimeException: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
 at org.jboss.naming.remote.protocol.IoFutureHelper.get(IoFutureHelper.java:87)
 at org.jboss.naming.remote.client.NamingStoreCache.getRemoteNamingStore(NamingStoreCache.java:56)
 at org.jboss.naming.remote.client.InitialContextFactory.getOrCreateCachedNamingStore(InitialContextFactory.java:166)
 at org.jboss.naming.remote.client.InitialContextFactory.getOrCreateNamingStore(InitialContextFactory.java:139)
 at org.jboss.naming.remote.client.InitialContextFactory.getInitialContext(InitialContextFactory.java:104)
 ... 5 more
Caused by: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
 at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:365)
 at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:214)
 at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)
 at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:189)
 at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:103)
 at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)
 at org.xnio.nio.NioHandle.run(NioHandle.java:90)
 at org.xnio.nio.WorkerThread.run(WorkerThread.java:184)
 at ...asynchronous invocation...(Unknown Source)
 at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:270)
 at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:251)
 at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:349)
 at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:333)
 at org.jboss.naming.remote.client.EndpointCache$EndpointWrapper.connect(EndpointCache.java:105)
 at org.jboss.naming.remote.client.NamingStoreCache.getRemoteNamingStore(NamingStoreCache.java:55)
 ... 8 more

In the server, no exception is displayed, even set org.jboss.security to TRACE.

I tried with Jboss 7.1 (picketbox-4.0.7.Final) and Jboss 7.2 Alpha (picketbox-4.0.14.Final).

I found AS7-1370 related with this topic. there is a form to work around this?

Thanks,

Ricardo.
--------------------------------------------------------------

Reply to this message by going to Community
[https://community.jboss.org/message/784490#784490]

Start a new discussion in PicketBox Development at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2088]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-dev-forums/attachments/20121221/4e0dc732/attachment-0001.html

More information about the jboss-dev-forums mailing list