This is the binary I am using for the JBossStore site and I don't see this
problem for restricted content. The example2 in the JAAS tutorial also
uses the DatabaseServerLoginModule and creates a stateless session bean
on each access and this does not show this problem.
Is the username in the database when this starts to fail?
----- Original Message -----
From: "Schouten, Andreas" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: "Kracke, Guido" <[EMAIL PROTECTED]>
Sent: Thursday, August 23, 2001 12:58 AM
Subject: [JBoss-dev] security exception in 2.4 final
> Hello,
>
> today I upgradet from 2.4.0.23 to 2.4.0 (file
JBoss-2.4.0_Tomcat-3.2.3.zip).
>
>
> We use integated tomcat and jaas security.
> The first login is successful also calling a stateless session bean is
> successful. But when a second instance of this bean is created a security
> exception occur. The username seams to be lost.
>
> (The same ear works under 2.4.0.23)
>
> [Default] Found StatelessSessionHome // after lookup the home interface
> [Default] javax.security.auth.login.FailedLoginException: No matching
> username found in Principals
> [Default] at
>
org.jboss.security.auth.spi.DatabaseServerLoginModule.getUsersPassword(Datab
> aseServerLoginModule.java
> :96)
> [Default] at
>
org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswo
> rdLoginModule.java:103)
> [Default] at java.lang.reflect.Method.invoke(Native Method)
> [Default] at
> javax.security.auth.login.LoginContext.invoke(LoginContext.java:595)
> [Default] at
> javax.security.auth.login.LoginContext.access$000(LoginContext.java:125)
> [Default] at
> javax.security.auth.login.LoginContext$3.run(LoginContext.java:531)
> [Default] at java.security.AccessController.doPrivileged(Native
> Method)
> [Default] at
> javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:528)
> [Default] at
> javax.security.auth.login.LoginContext.login(LoginContext.java:449)
> [Default] at
>
org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityMana
> ger.java:362)
> [Default] at
>
org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityMana
> ger.java:328)
> [Default] at
>
org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.j
> ava:215)
> [Default] at
>
org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityI
> nterceptor.java:164)
> [Default] at
>
org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.jav
> a:92)
> [Default] at
> org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:106)
> [Default] at
>
org.jboss.ejb.StatelessSessionContainer.invokeHome(StatelessSessionContainer
> .java:268)
> [Default] at
>
org.jboss.ejb.plugins.jrmp.server.JRMPContainerInvoker.invokeHome(JRMPContai
> nerInvoker.java:437)
> [Default] at
>
org.jboss.ejb.plugins.jrmp.interfaces.HomeProxy.invokeHome(HomeProxy.java:23
> 7)
> [Default] at
> org.jboss.ejb.plugins.jrmp.interfaces.HomeProxy.invoke(HomeProxy.java:182)
> [Default] at $Proxy31.create(Unknown Source)
> [Default] at
eacm.jspData.EjbServer.getEACMSession(EjbServer.java:54)
> //this calls the stateless SB from jsp client
>
> Andreas
>
>
>
>
> If you have received this e-mail in error or wish to read our e-mail
disclaimer statement and monitoring policy, please refer to
> http://www.drkw.com/disc/email/ or contact the sender.
>
> _______________________________________________
> Jboss-development mailing list
> [EMAIL PROTECTED]
> http://lists.sourceforge.net/lists/listinfo/jboss-development
>
_______________________________________________
Jboss-development mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-development
