[jboss-jira] [JBoss JIRA] (WFLY-6767) security-realms that defer to jaas cannot load login-modules from org.jboss.as.security

Lin Gao (JIRA) issues at jboss.org
Tue Jul 26 01:10:00 EDT 2016 

     [ https://issues.jboss.org/browse/WFLY-6767?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Lin Gao reassigned WFLY-6767:
-----------------------------

    Assignee: Lin Gao  (was: Darran Lofthouse)


> security-realms that defer to jaas cannot load login-modules from org.jboss.as.security 
> ----------------------------------------------------------------------------------------
>
>                 Key: WFLY-6767
>                 URL: https://issues.jboss.org/browse/WFLY-6767
>             Project: WildFly
>          Issue Type: Bug
>          Components: Security
>            Reporter: Derek Horton
>            Assignee: Lin Gao
>
> security-realms that defer to jaas cannot load login-modules from org.jboss.as.security.  The configuration looks like the following:
>             <security-realm name="ManagementRealm">
>                 <authentication>
>                     <jaas name="jmx-console"/>
>                 </authentication>
>                 <authorization map-groups-to-roles="false">
>                     <properties path="mgmt-groups.properties" relative-to="jboss.server.config.dir"/>
>                 </authorization>
>             </security-realm> 
>                 <security-domain name="jmx-console" cache-type="default">
>                     <authentication>
>                         <login-module code="RealmUsersRoles" flag="required">
>                             <module-option name="rolesProperties" value="file://${jboss.server.config.dir}/rolesmapping.properties"/>
>                             <module-option name="usersProperties" value="file://${jboss.server.config.dir}/rolesmapping.properties"/>
>                         </login-module>
>                     </authentication>
>                 </security-domain>
> The following error is logged during the authentication attempt:
> 2016-06-23 11:17:27,680 DEBUG [org.jboss.security] (management task-1) PBOX00206: Login failure: javax.security.auth.login.LoginException: unable to find LoginModule class: org.jboss.as.security.RealmDirectLoginModule from [Module "org.jboss.as.server:main" from local module loader @42f30e0a (finder: local module finder @24273305 (roots: /home/dehort/dev/java/jboss-eap-7.0.0/modules,/home/dehort/dev/java/jboss-eap-7.0.0/modules/system/layers/base))]
> 	at javax.security.auth.login.LoginContext.invoke(LoginContext.java:794)
> 	at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
> 	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)
> 	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)
> 	at java.security.AccessController.doPrivileged(Native Method)
> 	at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
> 	at javax.security.auth.login.LoginContext.login(LoginContext.java:587)
> 	at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:406)
> 	at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:345)
> 	at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:323)
> 	at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:146)
> 	at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:406)
> 	at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:367)
> 	at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:347)
> 	at org.jboss.as.domain.management.security.JaasCallbackHandler.handle(JaasCallbackHandler.java:174)
> 	at org.jboss.as.domain.management.security.SecurityRealmService$1.handle(SecurityRealmService.java:175)
> 	at org.jboss.as.domain.http.server.security.RealmIdentityManager.verify(RealmIdentityManager.java:162)
> 	at org.jboss.as.domain.http.server.security.RealmIdentityManager.verify(RealmIdentityManager.java:141)
> 	at io.undertow.security.impl.BasicAuthenticationMechanism.authenticate(BasicAuthenticationMechanism.java:161)
> 	at org.jboss.as.domain.http.server.security.AuthenticationMechanismWrapper.authenticate(AuthenticationMechanismWrapper.java:52)
> 	at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:233)
> 	at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:250)
> 	at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(SecurityContextImpl.java:219)
> 	at io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(SecurityContextImpl.java:121)
> 	at io.undertow.security.impl.SecurityContextImpl.authTransition(SecurityContextImpl.java:96)
> 	at io.undertow.security.impl.SecurityContextImpl.authenticate(SecurityContextImpl.java:89)
> 	at io.undertow.security.handlers.AuthenticationCallHandler.handleRequest(AuthenticationCallHandler.java:50)
> 	at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202)
> 	at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:792)
> 	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> 	at java.lang.Thread.run(Thread.java:745)



--
This message was sent by Atlassian JIRA
(v6.4.11#64026)

More information about the jboss-jira mailing list