[jboss-user] [Security & JAAS/JBoss] - Cannot get JAAS to work
henkie.maritz@iits
do-not-reply at jboss.com
Tue Oct 28 17:11:06 EDT 2008
Hi there
I'm new to JBoss and did configure some web pages to work through JAAS, but I get an exception.
Two questions:
1. What am I doing wrong?
2. How can I debug this to see which of the various steps are wrong?
Any help will be much appreciated.
Regards
Here's the detail:
JDK 1.5
JBoss 4.2.2
Here is my web.xml file extract:
<security-constraint>
<display-name>Admin</display-name>
<web-resource-collection>
DepotList page
<web-resource-name>DepotList</web-resource-name>
<url-pattern>/faces/DepotList.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
System administrator
<role-name>Administrator</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>OrderSystemJaasDbRealm</realm-name>
</login-config>
<security-role>
System administrator
<role-name>Administrator</role-name>
</security-role>
<security-role>
Depot user
<role-name>User</role-name>
</security-role>
Here is my jboss-web.xml file extract:
<jboss-web>
<security-domain>java:/jaas/OrderSystemJaasDbRealm</security-domain>
</jboss-web>
In folder jboss-4.2.2.GA\server\default\conf I have the following two files:
iits-login-config-service.xml
iits-login-config.xml
<depends optional-attribute-name="LoginConfigService">
jboss.security:service=XMLLoginConfig
<depends optional-attribute-name="SecurityManagerService">
jboss.security:service=JaasSecurityManager
iits-login-config.xml
<application-policy name = "OrderSystemJaasDbRealm">
<login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag = "required">
<module-option name = "unauthenticatedIdentity">guest</module-option>
<module-option name = "password-stacking">useFirstPass</module-option>
<module-option name = "dsJndiName">java:/MYDBDS</module-option>
<module-option name = "principalsQuery">SELECT PASSWORD FROM USER WHERE NAME=?</module-option>
<module-option name = "rolesQuery">SELECT ROLE.NAME, 'Roles' FROM USER, ROLE WHERE USER.NAME=? AND USER.ROLE_ID = ROLE.ID</module-option>
</login-module>
</application-policy>
I get the following exception when I entered the user name and password:\
23:10:08,125 ERROR [UsersRolesLoginModule] Failed to load users/passwords/role files
java.io.IOException: No properties file: users.properties or defaults: defaultUsers.properties found
at org.jboss.security.auth.spi.Util.loadProperties(Util.java:315)
at org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:186)
at org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:200)
at org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:127)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:603)
at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:537)
at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344)
at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.authenticate(JBossSecurityMgrRealm.java:491)
at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:180)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
at java.lang.Thread.run(Thread.java:595)
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4185229#4185229
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4185229
More information about the jboss-user
mailing list