[jbosstools-issues] [JBoss JIRA] Commented: (JBIDE-4421) jmx-invoker-service.xml server for DatabaseModuleLogin credentials not "accepted"

Stelios Koussouris (JIRA) jira-events at lists.jboss.org
Tue Jun 23 06:21:56 EDT 2009 

    [ https://jira.jboss.org/jira/browse/JBIDE-4421?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12473396#action_12473396 ] 

Stelios Koussouris commented on JBIDE-4421:
-------------------------------------------

I thought I did. 

Firstly, I needed to also apply the same security policy in jmx-invoker-service.xml. That resolved the problem but only up to a point. The following behavior was an additional issue which is what I am reporting above.

If you use "JMX-Console" policy (both in the jboss-web.xml & jmx-invoker-service.xml) then the logins are by default admin/admin, if
A - You DO NOT provide credentials in the "Server Overview a popup appears at startup to enter them
A1 - If you provide the admin/admin in the "Server Overview a popup DOES NOT appear at startup

If you use the DatabaseLoginModule "CLSIS-Security" policy (both in the jboss-web.xml & jmx-invoker-service.xml) then the logins are by default admin/admin, if
B - You DO NOT provide credentials in the "Server Overview a popup appears at startup to enter them
B1 - If you provide the guest/guest (my default ones in the DB) in the "Server Overview a popup SHOULD NOT appear at startup as the correct credentials have been provided but it DOES. The pop-up appears pre-populated with guest/guest I enter guest/guest and it keeps popping up (why?) if I choose "ignore" it does so server starts and JMX-CONSOLE is available via http://localhost:8080/jmx-console but JBDS is showing in Server View next to the server "Starting .... Synchnonized" 

As I said above the workaround is to enter the wrong ones in order to avoid scenario B1.

> jmx-invoker-service.xml server for DatabaseModuleLogin credentials not "accepted"
> ---------------------------------------------------------------------------------
>
>                 Key: JBIDE-4421
>                 URL: https://jira.jboss.org/jira/browse/JBIDE-4421
>             Project: Tools (JBoss Tools)
>          Issue Type: Bug
>          Components: JBossAS
>    Affects Versions: 3.0.0.GA
>            Reporter: Stelios Koussouris
>            Assignee: Rob Stryker
>            Priority: Minor
>             Fix For: 3.1.0.M3
>
>
> Setup the following authentication policy
>   <application-policy name="CLSIS-Security">
>     <authentication>
>       <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required">
>          <module-option name="unauthenticatedIdentity">guest</module-option>
>          <module-option name="dsJndiName">java:/DefaultDS</module-option>
>          <!--module-option name="hashAlgorithm">MD5</module-option>
>          <module-option name="hashEncoding">base64</module-option>
>          <module-option name="principalsQuery">SELECT USER_PWD FROM WEB_USERS WHERE USER_ID=?</module-option>
>          <module-option name="rolesQuery">SELECT ROLE_ID, 'Roles' FROM WEB_ROLES WHERE USER_ID=?</module-option-->
>              <module-option name = "principalsQuery">SELECT PASSWD FROM JBM_USER WHERE USER_ID=?</module-option>
>              <module-option name = "rolesQuery">SELECT ROLE_ID, 'Roles' FROM JBM_ROLE WHERE USER_ID=?</module-option>
>       </login-module>
>     </authentication>
>   </application-policy>
> and for jmx-console.war set the jaas policy in jboss-web.xml
> <?xml version="1.0" encoding="UTF-8"?>
> <jboss-web>
>     <resource-ref>
>         <res-ref-name>jdbc/DefaultDS</res-ref-name>
>         <res-type>javax.sql.DataSource</res-type>
>         <jndi-name>java:/DefaultDS</jndi-name>
>     </resource-ref>
>     <security-domain>java:/jaas/CLSIS-Security</security-domain>
> </jboss-web>
> finally setting the web-app with role "john" and user/pass guest/guest
> OPTION A: left deploy/jmx-invoker-service.xml  unchanged with default policy "jmx-console" 
> Back in JBDS, 
> Open Server  View
> Right click on server --> Open
> In Overview set the Server Credentials to admin/admin
> Start the server and all is well
> OPTION B: left deploy/jmx-invoker-service.xml  change the policy to "CLSIS-Security"
> Back in JBDS, 
> Open Server  View
> Right click on server --> Open
> In Overview set the Server Credentials to admin/admin
> Start the server pop-up comes up asking for the correct credentials enter guest/guest and all is well
> OPTION B1: all as in OPTION B but
> In Overview set the Server Credentials to guest/guest 
> Start the server and expect that since the correct credentials for the DB policy held in deploy/jmx-invoker-service.xml are given no pop-up will appear BUT
> pop-up appears pre-populated with guest/guest I enter guest/guest and it keeps popping up (why?) if I choose "ignore" it does so server starts and JMX-CONSOLE is available via http://localhost:8080/jmx-console but JBDS is showing in Server View next to the server "Starting .... Synchnonized"
> then after 450 secs the JBDS throws an error popup and the server stops (why?)

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jbosstools-issues mailing list