[jboss-user] [JBoss Portal] - How to configurate the GateIn3.4 & JBossAS7 SSO login

halbert do-not-reply at jboss.com
Wed Sep 12 22:04:00 EDT 2012


halbert [https://community.jboss.org/people/halbert] created the discussion

"How to configurate the GateIn3.4 & JBossAS7  SSO login"

To view the discussion, visit: https://community.jboss.org/message/759326#759326

--------------------------------------------------------------
There is some document which guide me to configure the GateIn3.2 & JBossAS 6 , but the document is not fit for JBoss7 & GateIn3.4. I search my document and I have configurated the standalone.xml  as following 
1) change standalone.xml 

|              | <security-domain name="gatein-domain" cache-type="default"> |
|                  | <authentication> |
|                      | <login-module code="org.gatein.wci.security.WCILoginModule" flag="optional"> |
|                          | <module-option name="portalContainerName" value="portal"/> |
|                          | <module-option name="realmName" value="gatein-domain"/> |
|                      | </login-module> |
|                      | <login-module code="org.exoplatform.services.security.jaas.SharedStateLoginModule" flag="required"> |
|                          | <module-option name="portalContainerName" value="portal"/> |
|                          | <module-option name="realmName" value="gatein-domain"/> |
|                      | </login-module> |
|                      | <login-module code="org.gatein.sso.agent.login.SSOLoginModule" flag="required"> |
|                          | <module-option name="portalContainerName" value="portal"/> |
|                          | <module-option name="realmName" value="gatein-domain"/> |
|                      | </login-module> |
|  | <login-module code="org.exoplatform.services.security.j2ee.JbossLoginModule" flag="required"> |
|                          | <module-option name="portalContainerName" value="portal"/> |
|                          | <module-option name="realmName" value="gatein-domain"/> |
|                      | </login-module> |  |  |  |  |  |  |
|                  | </authentication> |
|              | </security-domain> |

2) copy cas-client-core-3.1.9.jar,sso-auth-callback-1.1.2-Beta02.jar,sso-agent-1.1.2-Beta02.jar to   E:\GateIn-3.4-jbossas7\gatein\deployments\gatein.ear\lib
3) configurate the client portal.war and web.war as  http://docs.jboss.com/gatein/portal/3.4.0.M01/reference-guide/en-US/html_single/index.html#sect-Reference_Guide-Single_Sign_On-CAS_Central_Authentication_Service http://docs.jboss.com/gatein/portal/3.4.0.M01/reference-guide/en-US/html_single/index.html#sect-Reference_Guide-Single_Sign_On-CAS_Central_Authentication_Service guided. 
4) start the JBoss7 and login with CAS server. 
5) get exception  

09:06:45,457 ERROR [org.gatein.sso.agent.login.SSOLoginModule] (http--127.0.0.1-8080-11) ---------------------------------------------------------
09:06:45,457 ERROR [org.gatein.sso.agent.login.SSOLoginModule] (http--127.0.0.1-8080-11) SSOLogin Failed. Credential Not Found!!
09:06:45,457 ERROR [org.gatein.sso.agent.login.SSOLoginModule] (http--127.0.0.1-8080-11) ---------------------------------------------------------
09:06:45,477 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http--127.0.0.1-8080-11) Login failure: javax.security.auth.login.LoginException: Login failed for demo
    at org.exoplatform.services.security.jaas.DefaultLoginModule.login(DefaultLoginModule.java:136) [exo.core.component.security.core-2.4.6-GA.jar:2.4.6-GA]
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_06]
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_06]
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_06]
    at java.lang.reflect.Method.invoke(Method.java:601) [rt.jar:1.7.0_06]
    at javax.security.auth.login.LoginContext.invoke(LoginContext.java:784) [rt.jar:1.7.0_06]
    at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203) [rt.jar:1.7.0_06]
    at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698) [rt.jar:1.7.0_06]
    at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696) [rt.jar:1.7.0_06]
    at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_06]
    at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695) [rt.jar:1.7.0_06]
    at javax.security.auth.login.LoginContext.login(LoginContext.java:594) [rt.jar:1.7.0_06]
    at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:449) [picketbox-infinispan-4.0.6.final.jar:4.0.6.final]
    at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:383) [picketbox-infinispan-4.0.6.final.jar:4.0.6.final]
    at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:371) [picketbox-infinispan-4.0.6.final.jar:4.0.6.final]
    at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:160) [picketbox-infinispan-4.0.6.final.jar:4.0.6.final]
    at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:215) [jboss-as-web-7.1.0.Final.jar:7.1.0.Final]
    at org.apache.catalina.authenticator.AuthenticatorBase.login(AuthenticatorBase.java:324) [jbossweb-7.0.10.Final.jar:]
    at org.apache.catalina.connector.Request.login(Request.java:3252) [jbossweb-7.0.10.Final.jar:]
    at org.apache.catalina.connector.RequestFacade.login(RequestFacade.java:1082) [jbossweb-7.0.10.Final.jar:]
    at javax.servlet.http.HttpServletRequestWrapper.login(HttpServletRequestWrapper.java:323) [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final]
    at org.gatein.wci.jboss.JB7ServletContainerContext.login(JB7ServletContainerContext.java:159) [wci-jboss7-2.2.0-Beta02.jar:2.2.0-Beta02]
    at org.gatein.wci.impl.DefaultServletContainer.login(DefaultServletContainer.java:109) [wci-wci-2.2.0-Beta02.jar:2.2.0-Beta02]
    at org.exoplatform.web.login.InitiateLoginServlet.doGet(InitiateLoginServlet.java:111) [exo.portal.component.web.security-3.4.0.M01.jar:3.4.0.M01]
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:734) [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final]
    at org.exoplatform.container.web.AbstractHttpServlet.onService(AbstractHttpServlet.java:183) [exo.kernel.container-2.3.6-GA-JBAS7.jar:2.3.6-GA-JBAS7]
    at org.exoplatform.container.web.AbstractHttpServlet.service(AbstractHttpServlet.java:132) [exo.kernel.container-2.3.6-GA-JBAS7.jar:2.3.6-GA-JBAS7]
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329) [jbossweb-7.0.10.Final.jar:]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.10.Final.jar:]
    at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:734) [jbossweb-7.0.10.Final.jar:]
    at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:541) [jbossweb-7.0.10.Final.jar:]
    at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:479) [jbossweb-7.0.10.Final.jar:]
    at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:407) [jbossweb-7.0.10.Final.jar:]
    at org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage(FormAuthenticator.java:362) [jbossweb-7.0.10.Final.jar:]
    at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:265) [jbossweb-7.0.10.Final.jar:]
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:455) [jbossweb-7.0.10.Final.jar:]
    at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:154) [jboss-as-web-7.1.0.Final.jar:7.1.0.Final]
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.10.Final.jar:]
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.10.Final.jar:]
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.10.Final.jar:]
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.10.Final.jar:]
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.10.Final.jar:]
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.10.Final.jar:]
    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.10.Final.jar:]
    at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_06]

09:06:45,507 TRACE [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http--127.0.0.1-8080-11) End isValid, false
09:06:45,507 TRACE [org.jboss.as.web.security] (http--127.0.0.1-8080-11) End invoke, caller=null
09:06:45,507 TRACE [org.jboss.security.SecurityRolesAssociation] (http--127.0.0.1-8080-11) Setting threadlocal:null
09:06:45,517 TRACE [org.jboss.as.web.security] (http--127.0.0.1-8080-11) Begin invoke, caller=null
09:06:45,517 TRACE [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http--127.0.0.1-8080-11) Begin isValid, principal:demo, cache entry: null
09:06:45,517 TRACE [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http--127.0.0.1-8080-11) defaultLogin, principal=demo
09:06:45,517 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] (http--127.0.0.1-8080-11) Begin getAppConfigurationEntry(gatein-domain), size=5
09:06:45,517 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] (http--127.0.0.1-8080-11) End getAppConfigurationEntry(gatein-domain), authInfo=AppConfigurationEntry[]:
[0]
LoginModule Class: org.gatein.wci.security.WCILoginModule
ControlFlag: LoginModuleControlFlag: optional
Options:
name=realmName, value=gatein-domain
name=portalContainerName, value=portal
[1]
LoginModule Class: org.gatein.sso.agent.login.SSOLoginModule
ControlFlag: LoginModuleControlFlag: required
Options:
name=realmName, value=gatein-domain
name=portalContainerName, value=portal
[2]
LoginModule Class: org.exoplatform.services.security.jaas.SharedStateLoginModule
ControlFlag: LoginModuleControlFlag: required
Options:
name=realmName, value=gatein-domain
name=portalContainerName, value=portal
[3]
LoginModule Class: org.exoplatform.services.security.j2ee.JbossLoginModule
ControlFlag: LoginModuleControlFlag: required
Options:
name=realmName, value=gatein-domain
name=portalContainerName, value=portal

09:06:45,568 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http--127.0.0.1-8080-11) Login failure: javax.security.auth.login.LoginException: Login failed for demo
    at org.exoplatform.services.security.jaas.SharedStateLoginModule.login(SharedStateLoginModule.java:82) [exo.core.component.security.core-2.4.6-GA.jar:2.4.6-GA]
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_06]
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_06]
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_06]
    at java.lang.reflect.Method.invoke(Method.java:601) [rt.jar:1.7.0_06]
    at javax.security.auth.login.LoginContext.invoke(LoginContext.java:784) [rt.jar:1.7.0_06]
    at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203) [rt.jar:1.7.0_06]
    at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698) [rt.jar:1.7.0_06]
    at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696) [rt.jar:1.7.0_06]
    at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_06]
    at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695) [rt.jar:1.7.0_06]
    at javax.security.auth.login.LoginContext.login(LoginContext.java:594) [rt.jar:1.7.0_06]
    at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:449) [picketbox-infinispan-4.0.6.final.jar:4.0.6.final]
    at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:383) [picketbox-infinispan-4.0.6.final.jar:4.0.6.final]
    at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:371) [picketbox-infinispan-4.0.6.final.jar:4.0.6.final]
    at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:160) [picketbox-infinispan-4.0.6.final.jar:4.0.6.final]
    at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:215) [jboss-as-web-7.1.0.Final.jar:7.1.0.Final]
    at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:280) [jbossweb-7.0.10.Final.jar:]
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:381) [jbossweb-7.0.10.Final.jar:]
    at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:154) [jboss-as-web-7.1.0.Final.jar:7.1.0.Final]
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.10.Final.jar:]
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.10.Final.jar:]
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.10.Final.jar:]
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.10.Final.jar:]
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.10.Final.jar:]
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.10.Final.jar:]
    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.10.Final.jar:]
    at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_06]
Caused by: javax.security.auth.login.LoginException: Login failed for demo
    at org.exoplatform.services.organization.auth.OrganizationAuthenticatorImpl.validateUser(OrganizationAuthenticatorImpl.java:155) [exo.core.component.organization.api-2.4.6-GA.jar:2.4.6-GA]
    at org.exoplatform.services.security.jaas.SharedStateLoginModule.login(SharedStateLoginModule.java:70) [exo.core.component.security.core-2.4.6-GA.jar:2.4.6-GA]
    ... 27 more

09:06:45,599 TRACE [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http--127.0.0.1-8080-11) End isValid, false
09:06:45,739 TRACE [org.jboss.as.web.security] (http--127.0.0.1-8080-11) End invoke, caller=null
09:06:45,739 TRACE [org.jboss.security.SecurityRolesAssociation] (http--127.0.0.1-8080-11) Setting threadlocal:null
09:06:45,755 TRACE [org.jboss.as.web.security] (http--127.0.0.1-8080-11) Begin invoke, caller=null
09:06:45,755 TRACE [org.jboss.as.web.security] (http--127.0.0.1-8080-11) End invoke, caller=null
09:06:45,755 TRACE [org.jboss.security.SecurityRolesAssociation] (http--127.0.0.1-8080-11) Setting threadlocal:null
--------------------------------------------------------------

Reply to this message by going to Community
[https://community.jboss.org/message/759326#759326]

Start a new discussion in JBoss Portal at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2011]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20120912/739710fb/attachment-0001.html 


More information about the jboss-user mailing list