[jboss-user] [Security & JAAS/JBoss] - Bad password error doesn't propagate to the client
danlee
do-not-reply at jboss.com
Wed May 16 17:21:52 EDT 2007
With JBoss 4.0.5 GA running under Windows 2003 server, I am using a ClientLoginModule on the client side and an LDAP provider (Active Directory) on the server side. When the client login password is wrong, the server report the error correctly in the server log.
2007-05-11 14:56:06,828 DEBUG [org.jboss.security.auth.spi.LdapExtLoginModule] Bad password for username=foo
javax.naming.NamingException: Search of baseDN(CN=Users,DC=paperwork2,DC=eng,DC=filenet,DC=com) found no matches
at org.jboss.security.auth.spi.LdapExtLoginModule.bindDNAuthentication(LdapExtLoginModule.java:379)
at org.jboss.security.auth.spi.LdapExtLoginModule.createLdapInitContext(LdapExtLoginModule.java:336)
at org.jboss.security.auth.spi.LdapExtLoginModule.validatePassword(LdapExtLoginModule.java:229)
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:210)
However, the client side gets the following error.
Caused by: java.io.NotSerializableException: com.sun.jndi.ldap.LdapCtx
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1054)
at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java:1332)
at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:1304)
at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1247)
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1052)
at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java:1332)
at java.io.ObjectOutputStream.defaultWriteObject(ObjectOutputStream.java:367)
at java.lang.Throwable.writeObject(Throwable.java:648)
at sun.reflect.GeneratedMethodAccessor148.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at java.io.ObjectStreamClass.invokeWriteObject(ObjectStreamClass.java:809)
at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:1296)
at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1247)
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1052)
at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java:1332)
at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:1304)
at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1247)
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1052)
at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java:1332)
at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:1304)
at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1247)
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1052)
at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:278)
at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:299)
at sun.rmi.transport.Transport$1.run(Transport.java:148)
at java.security.AccessController.doPrivileged(Native Method)
at sun.rmi.transport.Transport.serviceCall(Transport.java:144)
at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:460)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:701)
at java.lang.Thread.run(Thread.java:534)
Is there a way to propagate the bad password error to the client from the server (EJB container)?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4046307#4046307
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4046307
More information about the jboss-user
mailing list