[jboss-dev-forums] [JBoss AS 7 Development] - Re: remote ejb client username is encrypted at the server(JBOSS7.1 CR1)

apparaonali do-not-reply at jboss.com
Tue Feb 21 09:49:25 EST 2012 

apparaonali [https://community.jboss.org/people/apparaonali] created the discussion

"Re: remote ejb client username is encrypted at the server(JBOSS7.1 CR1)"

To view the discussion, visit: https://community.jboss.org/message/718350#718350

--------------------------------------------------------------
I am also facing the user name encrypted issue.
I tried with the above suggestion, still it failed to login due to encrypted vaule of Principal/user.
I enabled trace and verified the Principal/user value it is always encrypted value and different for run to run.

I added below lines as per your suggestion:
================================
<security-realm name="ManagementRealm">
 <authentication>
 <jaas name="AppuLogin" />
 </authentication>
 </security-realm>

I also added below lines as remote socket binding referring to "ApplicationRealm <subsystem xmlns="urn:jboss:domain:remoting:1.1"> <connector name="remoting-connector" socket-binding="remoting" security-realm="*ApplicationRealm*"/> </subsystem>"

security-realm name="ApplicationRealm">
                <authentication>
                    <jaas name="iS3Login"/>
                </authentication>
            </security-realm>

Here is server side trace, I underlined the principal value:


8:35:26,010 DEBUG [org.jboss.security.plugins.JBossAuthenticationManager.AppuLogin] (EJB default - 1) CallbackHandler:  mailto:org.jboss.security.auth.callback.JBossCallbackHandler at cfed14 org.jboss.security.auth.callback.JBossCallbackHandler at cfed14
08:35:26,010 TRACE [org.jboss.security.plugins.JBossAuthenticationManager.AppuLogin] (EJB default - 1) Begin isValid, principal:*f048cdad-baf6-4aef-8591-186a7414350f*
08:35:26,010 TRACE [org.jboss.security.plugins.JBossAuthenticationManager.AppuLogin] (EJB default - 1) defaultLogin, principal=*f048cdad-baf6-4aef-8591-186a7414350f*
08:35:26,010 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] (EJB default - 1) Begin getAppConfigurationEntry(AppuLogin), size=3
08:35:26,026 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] (EJB default - 1) End getAppConfigurationEntry(AppuLogin), authInfo=AppConfigurationEntry[]:
[0]
LoginModule Class: org.jboss.security.auth.spi.DatabaseServerLoginModule
ControlFlag: LoginModuleControlFlag: sufficient
Options:
name=hashAlgorithm, value=SHA-256
name=principalsQuery, value=select password from sessionuser where name=?
name=hashEncoding, value=base64
name=dsJndiName, value=java:/jdbc/AppuDS
name=rolesQuery, value=select role, 'Roles' from sessionrole where name=?
08:35:26,026 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (EJB default - 1) initialize
08:35:26,026 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (EJB default - 1) Security domain: AppuLogin
08:35:26,026 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (EJB default - 1) Password hashing activated: algorithm = SHA-256, encoding = base64, charset = {default}, callback = null, storeCallback = null
08:35:26,026 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (EJB default - 1) DatabaseServerLoginModule, dsJndiName=java:/jdbc/AppuDS
08:35:26,026 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (EJB default - 1) principalsQuery=select password from sessionuser where name=?
08:35:26,026 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (EJB default - 1) rolesQuery=select role, 'Roles' from sessionrole where name=?
08:35:26,026 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (EJB default - 1) suspendResume=true
08:35:26,026 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (EJB default - 1) login
08:35:26,041 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (EJB default - 1) suspendAnyTransaction
08:35:26,041 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (EJB default - 1) Excuting query: select password from sessionuser where name=?, with username: f048cdad-baf6-4aef-8591-186a7414350f
08:35:26,072 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (EJB default - 1) Query returned no matches from db
08:35:26,072 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (EJB default - 1) resumeAnyTransaction
08:35:26,072 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (EJB default - 1) abort
08:35:26,072 TRACE [org.jboss.security.plugins.JBossAuthenticationManager.AppuLogin] (EJB default - 1) Login failure: javax.security.auth.login.FailedLoginException: PB00019: Processing Failed:No matching username found in Principals
 at org.jboss.security.auth.spi.DatabaseServerLoginModule.getUsersPassword(DatabaseServerLoginModule.java:186) [picketbox-4.0.6.final.jar:4.0.6.final]
 at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:248) [picketbox-4.0.6.final.jar:4.0.6.final]
--------------------------------------------------------------

Reply to this message by going to Community
[https://community.jboss.org/message/718350#718350]

Start a new discussion in JBoss AS 7 Development at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2225]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-dev-forums/attachments/20120221/584f9c96/attachment.html

More information about the jboss-dev-forums mailing list