I have created a securityrealm in my login-conf.xml that looks like this,
< application-policy name="MSSQLServer2000SequencherSecurityRealm" >
< authentication>
< login-module code="com.synapps.jmx.jaas.srp.MetaDataIdentityLoginModule"
flag="required" >
< module-option
name="dsJndiName">java:/MSSQLServer2000MetaData</module-option >
< module-option
name="dsName">MSSQLServer2000Sequencher</module-option >
< module-option name="connTypeQuery">SELECT ConnAuthType FROM DataStore
WHERE Name=?</module-option >
< module-option name="defaultUserPasswdQuery">SELECT
DataStore.DefaultConnUser, Password.password FROM DataStore,Password WHERE
DataStore.Name=? AND Password.ID = DataStore.DefaultConnPWID</module-option >
< module-option name="userUserPasswdQuery">SELECT
User_DataStore.UserConnUserID, Password.password, FROM DataStore,User_DataStore,
Password WHERE DataStore.Name=? AND Password.ID = User_DataStore.UserConnPWID AND
User_DataStore.DataStoreID = DataStore.ID and User_DataStore.UserID=?</module-option >
< module-option name="activityLogging">INSERT INTO ActivityLog
VALUES(?,?,?,?,?,?,?,?,?,?)</module-option >
< module-option name="password-stacking">useFirstPass</module-option >
</login-module >
</application-policy >
The com.synapps.jmx.jaas.srp.MetaDataIdentityLoginModule, was built using the,
org.jboss.resource.security.CallerIdentityLoginModule, it reads my MetaData database
to find out the auth type for the datasource it then loads the username and password
with the appropriate values based on the auth type. I have described the datasource
in the deploy directory as:
< ?xml version="1.0" encoding="UTF-8"?>
< !-- ===================================================================== -- >
< !-- -- >
< !-- JBoss Server Configuration -- >
< !-- -- >
< !-- ===================================================================== -- >
< !-- $Id: sequencher-mssql-ds.xml,v 1.1 2004/05/18 18:500:16 mike Exp $ -->
< !-- ======================================================================-- >
< !-- New ConnectionManager setup for Microsoft SQL Server 2000 driver -- >
< !-- You may download the latest Microsoft JDBC driver from *Microsoft* -- >
< !--
http://msdn.microsoft.com/downloads/default.asp?url=/downloads/sample.asp?url=/MSDN-FILES/027/001/779/msdncompositedoc.xml&frame=true
-- >
< !-- ===================================================================== -- >
< datasources>
< local-tx-datasource>
< jndi-name>MSSQLServer2000Sequencher</jndi-nam e>
<
connection-url>jdbc:microsoft:sqlserver://synapps-6:1433;DatabaseName=Sequencher;SelectMethod=cursor</connection-url
>
< driver-class>com.microsoft.jdbc.sqlserver.SQLServerDriver</driver-class >
< !--<user-name>sa</user-name>
synapps -- >
< !-- sql to call when connection is created -- >
< new-connection-sql>select count(*) from Users</new-connection-sql >
< !-- sql to call on an existing pooled connection when it is obtained from
pool -- >
< check-valid-connection-sql>select count(*) from
Users</check-valid-connection-sql >
< !-- Use the security domain defined in conf/login-config.xml -- >
< security-domain>MSSQLServer2000SequencherSecurityRealm</security-domain >
</local-tx-datasource >
In the jar that has the entity beans that use this datasource the Jboss.xml looks like
this:
< ?xml version="1.0" encoding="UTF-8"?>
< !DOCTYPE jboss PUBLIC "-//JBoss//DTD JBOSS 3.0//EN"
"http://www.jboss.org/j2ee/dtd/jboss_3_0.dtd";>
< jboss>
<
security-domain>java:/jaas/MSSQLServer2000SequencherSecurityRealm</security-domain >
< unauthenticated-principal>Anonymous</unauthenticated-principal >
< enterprise-beans>
When I deploy the jar and start the application server I get this error:
2004-06-02 15:32:31,546 INFO [org.jboss.ejb.EjbModule] Deploying
MSSQLServer2000Sequencher_UserPreferences
2004-06-02 15:32:31,578 INFO [org.jboss.ejb.EjbModule] Deploying
MSSQLServer2000Sequencher_Users
2004-06-02 15:32:31,593 INFO [org.jboss.ejb.EjbModule] Deploying
MSSQLServer2000Sequencher_VectorSite
2004-06-02 15:32:31,625 INFO [org.jboss.ejb.EjbModule] Deploying
MSSQLServer2000Sequencher_WorkingSequence
2004-06-02 15:32:31,656 INFO [org.jboss.ejb.EjbModule] Deploying
MSSQLServer2000Sequencher_EntityBeanTest
2004-06-02 15:32:33,484 ERROR [org.jboss.ejb.EntityContainer] Starting failed
java.lang.SecurityException: Invalid authentication attempt, principal=null
at
org.jboss.resource.connectionmanager.BaseConnectionManager2.getSubject(BaseConnectionManager2.java:647)
at
org.jboss.resource.connectionmanager.BaseConnectionManager2.allocateConnection(BaseConnectionManager2.java:476)
at
org.jboss.resource.connectionmanager.BaseConnectionManager2$ConnectionManagerProxy.allocateConnection(BaseConnectionManager2.java:814)
at
org.jboss.resource.adapter.jdbc.WrapperDataSource.getConnection(WrapperDataSource.java:102)
at org.jboss.ejb.plugins.cmp.jdbc.SQLUtil.fixTableName(SQLUtil.java:118)
at
org.jboss.ejb.plugins.cmp.jdbc.bridge.JDBCEntityBridge.init(JDBCEntityBridge.java:147)
at
org.jboss.ejb.plugins.cmp.jdbc.JDBCStoreManager.initStoreManager(JDBCStoreManager.java:420)
at
org.jboss.ejb.plugins.cmp.jdbc.JDBCStoreManager.start(JDBCStoreManager.java:357)
at
org.jboss.ejb.plugins.CMPPersistenceManager.start(CMPPersistenceManager.java:152)
at org.jboss.ejb.EntityContainer.startService(EntityContainer.java:342)
at org.jboss.system.ServiceMBeanSupport.start(ServiceMBeanSupport.java:192)
at sun.reflect.GeneratedMethodAccessor51.invoke(Unknown Source)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at
org.jboss.mx.capability.ReflectedMBeanDispatcher.invoke(ReflectedMBeanDispatcher.java:284)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:546)
at
org.jboss.system.ServiceController$ServiceProxy.invoke(ServiceController.java:976)
at $Proxy15.start(Unknown Source)
Since this is a non trusted connection how do I describe it so it won't try to start
the enity instance pool after deploying the entity beans? I won't have a principal
until someone is logged into the system, so if the datasource is accessed prior to
that I will get the stated error. The way I thought this should work is that when a
bean that uses this security realm is accessed the login module will be envoked to
create the connection if it isn't already in the connection pool. I have read the
documentation but I didn't find anything about configuring non-trusted connections?
Thanks
Jerry
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3837311#3837311
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3837311
-------------------------------------------------------
This SF.Net email is sponsored by the new InstallShield X.
>From Windows to Linux, servers to mobile, InstallShield X is the one
installation-authoring solution that does it all. Learn more and
evaluate today! http://www.installshield.com/Dev2Dev/0504
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
