[jboss-user] [Security & JAAS/JBoss] - Need help with DatabaseServerLoginModule!
hdmonty
do-not-reply at jboss.com
Thu Oct 18 09:49:13 EDT 2007
Hi all,
first I used the org.jboss.security.auth.spi.UsersRolesLoginModule for the authentification of my EJB3 and it works fine,
but now I have to look in my database instead of looking in a properties-file.
Here is my entry in the login-config.xml:
| <application-policy name = "dbsecuritytest">
| <authentication>
| <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
| flag = "required">
| <module-option name = "unauthenticatedIdentity">anonymos</module-option>
| <module-option name = "dsJndiName">java:/testDB</module-option>
| <module-option name = "principalsQuery">SELECT PASSWORD FROM USERS WHERE USERID=?</module-option>
| <module-option name = "rolesQuery">SELECT 'user' as role, 'Roles' as roles FROM USERS WHERE USERID=?</module-option>
| </login-module>
| </authentication>
| </application-policy>
|
And in my Bean I say
@Stateless
| @SecurityDomain("dbsecuritytest")
| public class MyBean
|
| [...]
|
|
| public doSomething(){
| ....
| }
I monitor my DB and I can see the first statement:
SELECT PASSWORD FROM USERS WHERE USERID='abc'.
But then comes this Exception:
Exception in thread "main" javax.ejb.EJBAccessException: Authentication failure
| at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.handleGeneralSecurityException(Ejb3AuthenticationInterceptor.java:68)
| at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:70)
| at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.invoke(Ejb3AuthenticationInterceptor.java:106)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
| at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:46)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
| at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
| at org.jboss.ejb3.stateless.StatelessContainer.dynamicInvoke(StatelessContainer.java:278)
| at org.jboss.aop.Dispatcher.invoke(Dispatcher.java:106)
| at org.jboss.aspects.remoting.AOPRemotingInvocationHandler.invoke(AOPRemotingInvocationHandler.java:82)
| at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:734)
| at org.jboss.remoting.transport.socket.ServerThread.processInvocation(ServerThread.java:560)
| at org.jboss.remoting.transport.socket.ServerThread.dorun(ServerThread.java:369)
| at org.jboss.remoting.transport.socket.ServerThread.run(ServerThread.java:165)
| at org.jboss.remoting.MicroRemoteClientInvoker.invoke(MicroRemoteClientInvoker.java:163)
| at org.jboss.remoting.Client.invoke(Client.java:1550)
| at org.jboss.remoting.Client.invoke(Client.java:530)
| at org.jboss.aspects.remoting.InvokeRemoteInterceptor.invoke(InvokeRemoteInterceptor.java:62)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
| at org.jboss.aspects.tx.ClientTxPropagationInterceptor.invoke(ClientTxPropagationInterceptor.java:61)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
| at org.jboss.aspects.security.SecurityClientInterceptor.invoke(SecurityClientInterceptor.java:53)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
| at org.jboss.ejb3.remoting.IsLocalInterceptor.invoke(IsLocalInterceptor.java:72)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
| at org.jboss.ejb3.stateless.StatelessRemoteProxy.invoke(StatelessRemoteProxy.java:103)
| at $Proxy0.doSomething(Unknown Source)
|
What is here wrong ?
Can anybody help me?
Thx
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4096567#4096567
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4096567
More information about the jboss-user
mailing list