Hi!
I'm trying to password protect one of my .war files but have yet run out of luck. I
think my problem lies within the login-config.xml file since the is a WARN in the log
when reading this file, cut from the server.log file:
2004-07-02 10:13:58,326 INFO [org.jboss.security.plugins.SecurityConfig] Started
jboss.security:service=SecurityConfig
2004-07-02 10:13:58,426 WARN [org.jboss.security.auth.login.XMLLoginConfigImpl]
Failed to load config:
file:/C:/Legatus/jboss-3.2.3/server/default/conf/login-config.xml
org.jboss.security.auth.login.ParseException: Encountered "<?xml" at line 1, column 1.
Was expecting one of:
...
at
org.jboss.security.auth.login.SunConfigParser.generateParseException()Lorg.jboss.security.auth.login.ParseException;(SunConfigParser.java:389)
at
org.jboss.security.auth.login.SunConfigParser.jj_consume_token(I)Lorg.jboss.security.auth.login.Token;(SunConfigParser.java:327)
at
org.jboss.security.auth.login.SunConfigParser.config()V(SunConfigParser.java:98)
at
org.jboss.security.auth.login.SunConfigParser.parse(Ljava.io.Reader;Lorg.jboss.security.auth.login.XMLLoginConfigImpl;Z)V(SunConfigParser.java:57)
at
org.jboss.security.auth.login.SunConfigParser.doParse(Ljava.io.Reader;Lorg.jboss.security.auth.login.XMLLoginConfigImpl;Z)V(SunConfigParser.java:79)
at
org.jboss.security.auth.login.XMLLoginConfigImpl.loadSunConfig(Ljava.net.URL;Ljava.util.ArrayList;)V(XMLLoginConfigImpl.java:273)
at
org.jboss.security.auth.login.XMLLoginConfigImpl.loadConfig(Ljava.net.URL;)[Ljava.lang.String;(XMLLoginConfigImpl.java:257)
at
org.jboss.security.auth.login.XMLLoginConfigImpl.loadConfig()V(XMLLoginConfigImpl.java:233)
at
org.jboss.security.auth.login.XMLLoginConfig.startService()V(XMLLoginConfig.java:152)
at org.jboss.system.ServiceMBeanSupport.start()V(ServiceMBeanSupport.java:192)
at
jrockit.reflect.NativeMethodInvoker.invoke0(Ljava.lang.Object;ILjava.lang.Object;[Ljava.lang.Object;)Ljava.lang.Object;(Unknown
Source)
at
jrockit.reflect.NativeMethodInvoker.invoke(Ljava.lang.Object;[Ljava.lang.Object;)Ljava.lang.Object;(Unknown
Source)
at
jrockit.reflect.VirtualNativeMethodInvoker.invoke(Ljava.lang.Object;[Ljava.lang.Object;)Ljava.lang.Object;(Unknown
Source)
at
java.lang.reflect.Method.invoke(Ljava.lang.Object;[Ljava.lang.Object;I)Ljava.lang.Object;(Unknown
Source)
at
org.jboss.mx.capability.ReflectedMBeanDispatcher.invoke(Ljava.lang.String;[Ljava.lang.Object;[Ljava.lang.String;)Ljava.lang.Object;(ReflectedMBeanDispatcher.java:284)
at
org.jboss.mx.server.MBeanServerImpl.invoke(Ljavax.management.ObjectName;Ljava.lang.String;[Ljava.lang.Object;[Ljava.lang.String;)Ljava.lang.Object;(MBeanServerImpl.java:546)
at
org.jboss.system.ServiceController$ServiceProxy.invoke(Ljava.lang.Object;Ljava.lang.reflect.Method;[Ljava.lang.Object;)Ljava.lang.Object;(ServiceController.java:976)
at $Proxy0.start()V(Unknown Source)
at
org.jboss.system.ServiceController.start(Ljavax.management.ObjectName;)V(ServiceController.java:394)
at
jrockit.reflect.NativeMethodInvoker.invoke0(Ljava.lang.Object;ILjava.lang.Object;[Ljava.lang.Object;)Ljava.lang.Object;(Unknown
Source)
at
jrockit.reflect.NativeMethodInvoker.invoke(Ljava.lang.Object;[Ljava.lang.Object;)Ljava.lang.Object;(Unknown
Source)
at
jrockit.reflect.VirtualNativeMethodInvoker.invoke(Ljava.lang.Object;[Ljava.lang.Object;)Ljava.lang.Object;(Unknown
Source)
at
java.lang.reflect.Method.invoke(Ljava.lang.Object;[Ljava.lang.Object;I)Ljava.lang.Object;(Unknown
Source)
at
org.jboss.mx.capability.ReflectedMBeanDispatcher.invoke(Ljava.lang.String;[Ljava.lang.Object;[Ljava.lang.String;)Ljava.lang.Object;(ReflectedMBeanDispatcher.java:284)
at
org.jboss.mx.server.MBeanServerImpl.invoke(Ljavax.management.ObjectName;Ljava.lang.String;[Ljava.lang.Object;[Ljava.lang.String;)Ljava.lang.Object;(MBeanServerImpl.java:546)
at
org.jboss.mx.util.MBeanProxyExt.invoke(Ljava.lang.Object;Ljava.lang.reflect.Method;[Ljava.lang.Object;)Ljava.lang.Object;(MBeanProxyExt.java:177)
at $Proxy4.start(Ljavax.management.ObjectName;)V(Unknown Source)
at
org.jboss.deployment.SARDeployer.start(Lorg.jboss.deployment.DeploymentInfo;)V(SARDeployer.java:226)
at
org.jboss.deployment.MainDeployer.start(Lorg.jboss.deployment.DeploymentInfo;)V(MainDeployer.java:832)
at
org.jboss.deployment.MainDeployer.deploy(Lorg.jboss.deployment.DeploymentInfo;)V(MainDeployer.java:642)
at
org.jboss.deployment.MainDeployer.deploy(Ljava.net.URL;)V(MainDeployer.java:605)
at
org.jboss.deployment.MainDeployer.deploy(Ljava.lang.String;)V(MainDeployer.java:589)
My login-config.xml looks like this:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE policy PUBLIC
"-//JBoss//DTD JBOSS Security Config 3.0//EN"
"http://www.jboss.org/j2ee/dtd/security_config.dtd";>
<!-- Used by clients within the application server VM such as
mbeans and servlets that access EJBs.
-->
<application-policy name = "client-login">
<login-module code = "org.jboss.security.ClientLoginModule"
flag = "required">
<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag="required">
<module-option name="unauthenticatedIdentity">anonymous</module-option>
</login-module>
</application-policy>
<!-- TFPortlets security domain -->
<application-policy name = "snip">
<login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule" flag
= "required"/>
</application-policy>
<!-- Security domain for JBossMQ -->
<application-policy name = "jbossmq">
<login-module code = "org.jboss.mq.sm.file.DynamicLoginModule"
flag = "required">
<module-option name = "unauthenticatedIdentity">guest</module-option>
<module-option name =
"sm.objectname">jboss.mq:service=StateManager</module-option>
</login-module>
</application-policy>
<!-- Security domains for testing new jca framework -->
<application-policy name = "HsqlDbRealm">
<login-module code =
"org.jboss.resource.security.ConfiguredIdentityLoginModule"
flag = "required">
<module-option name = "principal">sa</module-option>
<module-option name = "userName">sa</module-option>
<module-option name = "password"></module-option>
<module-option name =
"managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=DefaultDS</module-option>
</login-module>
</application-policy>
<application-policy name = "FirebirdDBRealm">
<login-module code =
"org.jboss.resource.security.ConfiguredIdentityLoginModule"
flag = "required">
<module-option name = "principal">sysdba</module-option>
<module-option name = "userName">sysdba</module-option>
<module-option name = "password">masterkey</module-option>
<module-option name =
"managedConnectionFactoryName">jboss.jca:service=XaTxCM,name=FirebirdDS</module-option>
</login-module>
</application-policy>
<application-policy name = "JmsXARealm">
<login-module code =
"org.jboss.resource.security.ConfiguredIdentityLoginModule"
flag = "required">
<module-option name = "principal">guest</module-option>
<module-option name = "userName">guest</module-option>
<module-option name = "password">guest</module-option>
<module-option name =
"managedConnectionFactoryName">jboss.jca:service=TxCM,name=JmsXA</module-option>
</login-module>
</application-policy>
<!-- A template configuration for the jmx-console web application. This
defaults to the UsersRolesLoginModule the same as other and should be
changed to a stronger authentication mechanism as required.
-->
<application-policy name = "jmx-console">
<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag = "required" />
</application-policy>
<!-- A template configuration for the web-console web application. This
defaults to the UsersRolesLoginModule the same as other and should be
changed to a stronger authentication mechanism as required.
-->
<application-policy name = "web-console">
<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag = "required" />
</application-policy>
<!-- The default login configuration used by any security domain that
does not have a application-policy entry with a matching name
-->
<application-policy name = "other">
<!-- A simple server login module, which can be used when the number
of users is relatively small. It uses two properties files:
users.properties, which holds users (key) and their password (value).
roles.properties, which holds users (key) and a comma-separated list of
their roles (value).
The unauthenticatedIdentity property defines the name of the principal
that will be used when a null username and password are presented as is
the case for an unuathenticated web client or MDB. If you want to
allow such users to be authenticated add the property, e.g.,
unauthenticatedIdentity="nobody"
-->
<login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
flag = "required" />
</application-policy>
where the application-policy name = snip is the .war file that I want to password
protect.
/Anders
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3840733#3840733
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3840733
-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 -
digital self defense, top technical experts, no vendor pitches,
unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
