[jboss-jira] [JBoss JIRA] Created: (SECURITY-491) JAAS domain not found on long running tests

Jeff Mesnil (JIRA) jira-events at lists.jboss.org
Thu Apr 1 11:11:37 EDT 2010 

JAAS domain not found on long running tests
-------------------------------------------

                 Key: SECURITY-491
                 URL: https://jira.jboss.org/jira/browse/SECURITY-491
             Project: PicketBox (JBoss Security and Identity Management)
          Issue Type: Bug
      Security Level: Public (Everyone can see)
         Environment: JBoss AS trunk
            Reporter: Jeff Mesnil
            Assignee: Anil Saldhana


When running JMS TCK tests, at some point in time, I've got a trace about the JAAS domain being not found:


11:32:58,049 TRACE [org.jboss.security.plugins.mapping.JBossMappingManager] Application Policy not found for domain=java:/jaas/cts.Mapping framework will use the default domain:other

And then subsequent authentication fails:

11:33:50,487 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] logout
11:33:55,200 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin getAppConfigurationEntry(cts), size=15
11:33:55,958 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End getAppConfigurationEntry(cts), authInfo=AppConfigurationEntry[]:
[0]
LoginModule Class: org.jboss.security.auth.spi.UsersRolesLoginModule
ControlFlag: LoginModuleControlFlag : required
Options:
name=usersProperties, value=cts-users.properties
name=unauthenticatedIdentity, value=cts-user
name=rolesProperties, value=cts-roles.properties
name=password-stacking, value=useFirstPass
 
11:34:06,984 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.cts] Login failure: javax.security.auth.login.LoginException: classe LoginModule introuvable : org.jboss.security.auth.spi.UsersRolesLoginModule
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:808)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at org.jboss.security.plugins.auth.JaasSecurityManagerBase.defaultLogin(JaasSecurityManagerBase.java:553)
at org.jboss.security.plugins.auth.JaasSecurityManagerBase.authenticate(JaasSecurityManagerBase.java:487)
at org.jboss.security.plugins.auth.JaasSecurityManagerBase.isValid(JaasSecurityManagerBase.java:365)
at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:160)
at org.hornetq.integration.jboss.security.JBossASSecurityManager.validateUser(JBossASSecurityManager.java:81)
at org.hornetq.core.security.impl.SecurityStoreImpl.authenticate(SecurityStoreImpl.java:128)
...

There are no other org.jboss.security logs before that one.
Previously, a NPE was raised but it was fixed by https://jira.jboss.org/jira/browse/SECURITY-484.
Still, the root issue is that somehow the AS does not find the Application policy for the domain for some reasons.

The only hint I have is that happens when running the tests for a long period of time (1h or more). If I restart the AS server and run the failing tests, they all pass.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list