[jboss-jira] [JBoss JIRA] Commented: (AS7-1182) Incorrect security domain selected for web application.

Darran Lofthouse (JIRA) jira-events at lists.jboss.org
Tue Jul 5 14:08:23 EDT 2011 

    [ https://issues.jboss.org/browse/AS7-1182?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12612497#comment-12612497 ] 

Darran Lofthouse commented on AS7-1182:
---------------------------------------

Juergen, do you have a thread started for this in the AS7 Users discussions?  

It would be helpful to see how the web application is being associated with the security domain as the error suggests to me that the 'other' domain is being picked up instead of your domain rather than an issue with the login module itself.

> Incorrect security domain selected for web application.
> -------------------------------------------------------
>
>                 Key: AS7-1182
>                 URL: https://issues.jboss.org/browse/AS7-1182
>             Project: Application Server 7
>          Issue Type: Bug
>          Components: Security
>    Affects Versions: 7.0.0.CR1
>            Reporter: Juergen Zimmermann
>            Assignee: Darran Lofthouse
>
> I want to migrate from JBossAS 6 to 7.0.0.CR1. In standalone.xml I declare the following security domain, but get the stacktrace (see below) looking for UsersRolesLoginModule instead of DatabaseServerLoginModule.
> Security domain in standalone.xml:
>    <security-domain name="swe2" cache-type="default">
>       <authentication>
>          <login-module code="Database" flag="required">
>             <module-option name="dsJndiName" value="java:/swe2DS"/>
>             <module-option name="unauthenticatedIdentity" value="gast"/>
>             <module-option name="principalsQuery" value="SELECT password FROM kunde WHERE username=?"/>
>             <module-option name="rolesQuery" value="SELECT role, 'Roles' FROM swe2_role r INNER JOIN kunde k ON r.kunde_fk = k.k_id WHERE k.username=?"/>
>             <module-option name="hashAlgorithm" value="SHA-1"/>
>             <module-option name="hashEncoding" value="base64"/>
>          </login-module>
>       </authentication>
>    </security-domain>
> Stacktrace regarding UsersRolesLoginModule (instead of DatabaseServerLoginModule):
> 16:03:58,528 ERROR [org.jboss.security.auth.spi.UsersRolesLoginModule] (http--127.0.0.1-8080-2) Failed to load users/passwords/role files: java.io.IOException: No properties file: users.properties or defaults: defaultUsers.properties found
> 	at org.jboss.security.auth.spi.Util.loadProperties(Util.java:227) [picketbox-4.0.0.CR1.jar:4.0.0.CR1]
> 	at org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:188) [picketbox-4.0.0.CR1.jar:4.0.0.CR1]
> 	at org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:202) [picketbox-4.0.0.CR1.jar:4.0.0.CR1]
> 	at org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:129) [picketbox-4.0.0.CR1.jar:4.0.0.CR1]
> 	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_26]
> 	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [:1.6.0_26]
> 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [:1.6.0_26]
> 	at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_26]
> 	at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756) [:1.6.0_26]
> 	at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [:1.6.0_26]
> 	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [:1.6.0_26]
> 	at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_26]
> 	at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [:1.6.0_26]
> 	at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [:1.6.0_26]
> 	at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:411) [picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
> 	at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:345) [picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
> 	at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:154) [picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
> 	at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:127) [jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
> 	at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:180) [jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
> 	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:446) [jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
> 	at org.jboss.as.web.NamingValve.invoke(NamingValve.java:57) [jboss-as-web-7.0.0.CR1.jar:7.0.0.CR1]
> 	at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:49) [jboss-as-jpa-7.0.0.CR1.jar:7.0.0.CR1]
> 	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:154) [jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
> 	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
> 	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
> 	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362) [jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
> 	at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:893) [jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
> 	at org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:626) [jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
> 	at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:2054) [jbossweb-7.0.0.CR4.jar:7.0.0.CR1]
> 	at java.lang.Thread.run(Thread.java:662) [:1.6.0_26]

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list