[jboss-user] [Security & JAAS/JBoss] - Remote JNDI lookup over http username propagation

martin ganserer do-not-reply at jboss.com
Wed Nov 21 10:33:01 EST 2007 

Hi, 

I am trying to get an application working that communicates between JBOSS server and a client via HTTP. Basically this works fine. But now I am facing a problem. 
I want to secure the JNDI lookup by using the default security constraint defined in the web.xml of the invoker.war in the http-invoker.sar.
But when my java client tries to make a look up following error message appears in the server log:

Code: 

2007-07-24 16:42:03,612 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Loaded properties,
  |  users=[user, timerecorder]
  | 2007-07-24 16:42:03,612 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Loaded properties,
  |  users=[timerecorder]
  | 2007-07-24 16:42:03,612 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Bad password for u
  | sername=null
  | 2007-07-24 16:42:03,612 DEBUG [org.jboss.ejb3.security.Ejb3AuthenticationInterceptor] Authentication
  |  failure
  | javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
	 


This is strange as my client provides proper credentials! 

Code: 

env.put(InitialContext.PROVIDER_URL, "http://myhost/invoker/restricted/JNDIFactory");
  | env.put(InitialContext.INITIAL_CONTEXT_FACTORY, "org.jboss.naming.HttpNamingContextFactory");
  | env.put(InitialContext.SECURITY_PRINCIPAL, "username");
  | env.put(InitialContext.SECURITY_CREDENTIALS, "password");
  | env.put("java.naming.factory.url.pkgs", "org.jboss.naming:org.jnp.interfaces");
  | 
  | try
  | {
  |   ctx = new InitialContext(env);
  | }
  | catch (NamingException e1)
  | {
  |   e1.printStackTrace();
  | }
  | 	 


The LoginModule seams to be correct as it works when I use 
org.jboss.security.jndi.JndiLoginInitialContextFactory for example! 

Do I miss something? 
 

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4106790#4106790

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4106790

More information about the jboss-user mailing list