Hello,

I am using JBoss 3.0.4 and trying to perform
user authentication using JAAS, but I am
getting the following error:

Caused by: javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
        Authentication exception, principal=admin
        at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:174)
        at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:94)
        at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:129)
        ... 30 more

In login-config.xml I have a custom Login
Module defined.
In that custom Login Module, which extends
AbstractServerLoginModule, I have overridden
methods:

    protected Principal getIdentity()
    protected Object getCredentials()
    protected String getUsername()
    protected Group[] getRoleSets()

The body of my login() method looks like this:

        // if shared credentials exist already
        if (super.login() == true)
        {
            // get the previously set username
            Object username = sharedState.get("javax.security.auth.login.name");
            if (username instanceof Principal)
                _userPrincipal = (Principal) username;
            else
            {
                // FIXME: OG: throw an exception
                System.out.println("Username not instanceof Principal'");
            }

            // get the previously set password
            Object password = sharedState.get("javax.security.auth.login.password");
            if (password instanceof char[])
                _credential = (char[]) password;
            else if (password != null)
            {
                String tmp = password.toString();
                _credential = tmp.toCharArray();
            }
            return true;
        }

        // if shared credentials DO NOT exist yet
        loginOk = false;

        // hard-coded to correct username/password
        String username = "admin";
        String password = "password";

        // store the username and password in the shared state map
        if (getUseFirstPass() == true)
        {
            sharedState.put("javax.security.auth.login.name", username);
            sharedState.put("javax.security.auth.login.password", password);
        }

        // set AbstractServerLoginModule's loginOk instance variable to true, as
        // instructed by the AbstractServerLoginModule's javadoc
        loginOk = true;
        return true;


Does anyone see any mistakes in this code?
I have looked at UsernamePasswordLoginModule
and DatabaseServerLoginModule, and the code
above looks correct to me.

And here is getRoleSets() method, in case
that is the culprit:

    protected Group[] getRoleSets()
    throws LoginException
    {
        HashMap setsMap = new HashMap();
        String groupName = "Roles";
        SimpleGroup group = new SimpleGroup(groupName);
        setsMap.put(groupName, group);
        group.addMember(new SimplePrincipal("guest"));

        Group[] roleSets = new Group[setsMap.size()];
        setsMap.values().toArray(roleSets);
        return roleSets;
    }

This is essentially lifted from
DatabaseServerLoginModule.

I've been stuck on this problem for a while
(too embarrassing to say exactly how long).

I have enabled DEBUG level logging via
log4j-config.xml, but I still don't see
anything that would help me figure out what
the source of the problem is.

Ladies and gentlemen, your donations will be
greatly appreciated.
(Can anyone from NYC recognize the blind
subway musician usually riding the N line? 
The above is his line. :))

Thank you,
Otis


_______________________________________________
JBoss-user mailing list
https://lists.sourceforge.net/lists/listinfo/jboss-user
