Hi j2ee_junkie! I'm trying to implement my own LoginModule, again without having to configure any external config files.
I have the Login module, but I can't make it use it without changing the server/conf/login-config.xml. I'm using the Embedded Login Configuration in http://wiki.jboss.org/wiki/Wiki.jsp?page=DynamicLoginConfig I'm putting that into a .sar file as you describe: | GF.ear | +--> GF.sar | +--> META-INF | | +--> jboss-service.xml | +--> CustomLoginModules.jar | +-->com/fcl/security/GreenfieldsLoginModule.class | +--> ejbs.jar | +--> webapp.war jboss-service.xml looks like | <?xml version='1.0'?> | <!DOCTYPE policy PUBLIC | "-//JBoss//DTD MBean Service 4.0//EN" | "http://www.jboss.org/j2ee/dtd/jboss-service_4_0.dtd";> | <server> | <!-- The custom JAAS login configuration that installs | a Configuration capable of dynamically updating the | config settings | --> | <mbean code="org.jboss.security.auth.login.DynamicLoginConfig" | name="jboss.security.tests:service=LoginConfig"> | <attribute name="PolicyConfig" serialDataType="jbxb"> | <jaas:policy | xsi:schemaLocation="urn:jboss:security-config:4.1 resource:security-config_4_1.xsd" | xmlns:jaas="urn:jboss:security-config:4.1" | xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> | | <!-- Our Greenfields login config --> | <jaas:application-policy name="Greenfields"> | <jaas:authentication> | <jaas:login-module code="com.fcl.security.GreenfieldsLoginModule" flag="required"> | <jaas:module-option name="unauthenticatedIdentity">anonymous</jaas:module-option> | <jaas:module-option name="principalClass">com.fcl.security.GreenfieldsUser</jaas:module-option> | <jaas:module-option name="ignorePasswordCase">true</jaas:module-option> | </jaas:login-module> | | <!-- Include the ClientLoginModule propagation --> | <jaas:login-module code="org.jboss.security.ClientLoginModule" flag="required"> | <jaas:module-option name="password-stacking">true</jaas:module-option> | <jaas:module-option name="multi-threaded">true</jaas:module-option> | </jaas:login-module> | | </jaas:authentication> | </jaas:application-policy> | </jaas:policy> | </attribute> | <depends optional-attribute-name="LoginConfigService"> | jboss.security:service=XMLLoginConfig | </depends> | <depends optional-attribute-name="SecurityManagerService"> | jboss.security:service=JaasSecurityManager | </depends> | </mbean> | </server> | But it's producing: 14:40:55,031 ERROR [UsersRolesLoginModule] Failed to load users/passwords/role files | java.io.IOException: No properties file: users.properties or defaults: defaultUsers.properties found | at org.jboss.security.auth.spi.Util.loadProperties(Util.java:313) | at org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:186) | at org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:200) | at org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:127) | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) | at java.lang.reflect.Method.invoke(Method.java:585) | at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756) | at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) | at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) | at java.security.AccessController.doPrivileged(Native Method) | at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) | at javax.security.auth.login.LoginContext.login(LoginContext.java:579) | at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:587) | at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:521) | at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:330) | at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.authenticate(JBossSecurityMgrRealm.java:306) | at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:256) | at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:416) | at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74) | at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126) | at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) | at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107) | at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) | at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:868) | at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:663) | at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527) | at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112) | at java.lang.Thread.run(Thread.java:595) One more thing. Even when it called my LoginModule correctly - when I had edited the server's login-config.xml, the SessionContext.getCallerPrincipal() still returned an JBoss SimplePrincipal rather than the GreenFieldsUser object that I specified (and which is correctly produced by session.getUserPrincipal()) View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3931355#3931355 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3931355 ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 _______________________________________________ JBoss-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jboss-user
