[jboss-user] [Security & JAAS/JBoss] - Remote JNDI lookup over http username propagation
martin ganserer
do-not-reply at jboss.com
Wed Nov 21 10:33:01 EST 2007
Hi,
I am trying to get an application working that communicates between JBOSS server and a client via HTTP. Basically this works fine. But now I am facing a problem.
I want to secure the JNDI lookup by using the default security constraint defined in the web.xml of the invoker.war in the http-invoker.sar.
But when my java client tries to make a look up following error message appears in the server log:
Code:
2007-07-24 16:42:03,612 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Loaded properties,
| users=[user, timerecorder]
| 2007-07-24 16:42:03,612 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Loaded properties,
| users=[timerecorder]
| 2007-07-24 16:42:03,612 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Bad password for u
| sername=null
| 2007-07-24 16:42:03,612 DEBUG [org.jboss.ejb3.security.Ejb3AuthenticationInterceptor] Authentication
| failure
| javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
This is strange as my client provides proper credentials!
Code:
env.put(InitialContext.PROVIDER_URL, "http://myhost/invoker/restricted/JNDIFactory");
| env.put(InitialContext.INITIAL_CONTEXT_FACTORY, "org.jboss.naming.HttpNamingContextFactory");
| env.put(InitialContext.SECURITY_PRINCIPAL, "username");
| env.put(InitialContext.SECURITY_CREDENTIALS, "password");
| env.put("java.naming.factory.url.pkgs", "org.jboss.naming:org.jnp.interfaces");
|
| try
| {
| ctx = new InitialContext(env);
| }
| catch (NamingException e1)
| {
| e1.printStackTrace();
| }
|
The LoginModule seams to be correct as it works when I use
org.jboss.security.jndi.JndiLoginInitialContextFactory for example!
Do I miss something?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4106790#4106790
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4106790
More information about the jboss-user
mailing list