[jboss-user] [Security & JAAS/JBoss] - Beginner's problems with ClientLoginModule

Wed Aug 22 07:35:14 EDT 2007

Greetings!

I've got some problems with getting my JBoss-Client's login-mechanism working. I do the following: I have got a Swing-client, that shows a LoginDialog at startup. The user types in his username and password, the Jboss ClientLoginModule is used to copy that data to the server, where it has to be evaluated against a database (for test-purposes I'm using a UsersRolesLoginModule here at the moment).
But let's have a look into my code first:

This is the code I'm using for testing the login-procedure:
logger.debug("Login");
  | LoginContext lc = new LoginContext("cube", new CubeCallbackHandler());
  | lc.login();
  | 
  | // Let's force JBoss AS to evaluate the login-data
  | Context ctx = new InitialContext(jndi);
  | TestSession tsBean = (TestSession)ctx.lookup("TestSessionBean/remote");
  | tsBean.echo("Hallo!");
  | logger.debug("Logged in as " + lc.getSubject().getPrincipals());
  | 		
  | logger.debug("Logging out.");
  | lc.logout();

The TestSessionBean looks like this:
@Stateless
  | @SecurityDomain("cube")
  | @RolesAllowed("EMPLOYEE")
  | public class TestSessionBean implements TestSession {
  | 
  | 	/**
  | 	 * @see de.tobiasdemuth.cube.server.TestSession#echo(java.lang.String)
  | 	 */
  | 	public String echo(String arg) {
  | 		System.out.println("Echo: " + arg);
  | 		return arg;
  | 	}
  | 
  | }

My client-side login.conf:
cube {
  |    org.jboss.security.ClientLoginModule  required;
  | };

And the server-side policy for the security-domain "cube":
<!-- The login used by the Cube-client -->
  | 	<application-policy name="cube">
  | 		<authentication>
  | 	        <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
  | 	        </login-module>
  | 	    </authentication>
  | 	</application-policy>

And finally what happens:

  | 2007-08-22 13:17:15,031 - DEBUG (Starter.java:59) Login
  | 2007-08-22 13:17:15,046 - TRACE (ClientLoginModule.java:103) Security domain: null
  | 2007-08-22 13:17:15,046 - TRACE (ClientLoginModule.java:121) Enabling restore-login-identity mode
  | 2007-08-22 13:17:15,046 - TRACE (ClientLoginModule.java:139) Begin login
  | 2007-08-22 13:17:29,546 - TRACE (ClientLoginModule.java:195) Obtained login: tdemuth, credential.class: [C
  | 2007-08-22 13:17:29,562 - TRACE (ClientLoginModule.java:213) End login
  | 2007-08-22 13:17:29,562 - TRACE (ClientLoginModule.java:223) commit, subject=Betreff:
  | 
  | 2007-08-22 13:17:29,562 - DEBUG (SecurityAssociation.java:143) Using ThreadLocal: false
  | 2007-08-22 13:17:29,578 - TRACE (SecurityAssociation.java:460) pushSubjectContext, subject=Betreff:
  | , sc=org.jboss.security.SecurityAssociation$SubjectContext at 132ae7{principal=tdemuth,subject=6666040}
  | 2007-08-22 13:17:29,750 - TRACE (SecurityAssociation.java:190) getPrincipal, principal=tdemuth
  | Exception in thread "main" javax.ejb.EJBAccessException: Authentication failure
  | 	at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.handleGeneralSecurityException(Ejb3AuthenticationInterceptor.java:68)
  | 	at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:70)
  | 	at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.invoke(Ejb3AuthenticationInterceptor.java:106)
  | 	at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  | 	at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:46)
  | 	at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  | 	at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106)
  | 	at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  | 	at org.jboss.ejb3.stateless.StatelessContainer.dynamicInvoke(StatelessContainer.java:278)
  | 	at org.jboss.aop.Dispatcher.invoke(Dispatcher.java:106)
  | 	at org.jboss.aspects.remoting.AOPRemotingInvocationHandler.invoke(AOPRemotingInvocationHandler.java:82)
  | 	at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:734)
  | 	at org.jboss.remoting.transport.socket.ServerThread.processInvocation(ServerThread.java:560)
  | 	at org.jboss.remoting.transport.socket.ServerThread.dorun(ServerThread.java:369)
  | 	at org.jboss.remoting.transport.socket.ServerThread.run(ServerThread.java:165)
  | 	at org.jboss.remoting.MicroRemoteClientInvoker.invoke(MicroRemoteClientInvoker.java:163)
  | 	at org.jboss.remoting.Client.invoke(Client.java:1550)
  | 	at org.jboss.remoting.Client.invoke(Client.java:530)
  | 	at org.jboss.aspects.remoting.InvokeRemoteInterceptor.invoke(InvokeRemoteInterceptor.java:62)
  | 	at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  | 	at org.jboss.aspects.tx.ClientTxPropagationInterceptor.invoke(ClientTxPropagationInterceptor.java:61)
  | 	at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  | 	at org.jboss.aspects.security.SecurityClientInterceptor.invoke(SecurityClientInterceptor.java:53)
  | 	at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  | 	at org.jboss.ejb3.remoting.IsLocalInterceptor.invoke(IsLocalInterceptor.java:72)
  | 	at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  | 	at org.jboss.ejb3.stateless.StatelessRemoteProxy.invoke(StatelessRemoteProxy.java:103)
  | 	at $Proxy0.echo(Unknown Source)
  | 	at de.tobiasdemuth.cube.frontoffice.Starter.<init>(Starter.java:64)
  | 	at de.tobiasdemuth.cube.frontoffice.Starter.main(Starter.java:118)
  | 	at org.jboss.aspects.remoting.InvokeRemoteInterceptor.invoke(InvokeRemoteInterceptor.java:74)
  | 	at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  | 	at org.jboss.aspects.tx.ClientTxPropagationInterceptor.invoke(ClientTxPropagationInterceptor.java:61)
  | 	at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  | 	at org.jboss.aspects.security.SecurityClientInterceptor.invoke(SecurityClientInterceptor.java:53)
  | 	at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  | 	at org.jboss.ejb3.remoting.IsLocalInterceptor.invoke(IsLocalInterceptor.java:72)
  | 	at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  | 	at org.jboss.ejb3.stateless.StatelessRemoteProxy.invoke(StatelessRemoteProxy.java:103)
  | 	at $Proxy0.echo(Unknown Source)
  | 	at de.tobiasdemuth.cube.frontoffice.Starter.<init>(Starter.java:64)
  | 	at de.tobiasdemuth.cube.frontoffice.Starter.main(Starter.java:118)

So, what's wrong?

kind regards
Tobias

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4076759#4076759

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4076759