i spend another day with reading jboss-documentation.
i try to send a message from a java standalone-client to a message-queue.
java-client:
| public class Test_DocImportProcessor {
| public static void main (String [] args) throws Exception {
|
| try{
|
| AppCallbackHandler handler = new AppCallbackHandler("publisher",
"publisher".toCharArray());
| System.setProperty("java.security.auth.login.config",
"pathtoauthconf\\auth.conf");
| LoginContext lc = new LoginContext("client-login", handler);
| lc.login();
|
|
| Context jndiContext = getInitialContext ();
| QueueConnectionFactory factory =
(QueueConnectionFactory)jndiContext.lookup ("ConnectionFactory");
| Queue docImportQueue = (Queue)jndiContext.lookup
("queue/docImportQueue");
| QueueConnection connect = factory.createQueueConnection ();
| QueueSession session = connect.createQueueSession (false,
Session.AUTO_ACKNOWLEDGE);
| QueueSender sender = session.createSender (docImportQueue);
| ObjectMessage message = session.createObjectMessage();
| message.setJMSReplyTo (docImportQueue);
| message.setStringProperty ("MessageFormat", "Version 3.4");
| message.setObject("test123");
| sender.send (message);
| connect.close ();
| }
| catch (Exception ex) {
| ex.printStackTrace();
| }
| }
|
| public static Context getInitialContext () throws
javax.naming.NamingException {
| Properties env = new Properties();
| env.put("java.naming.factory.initial",
"org.jnp.interfaces.NamingContextFactory");
| env.put("java.naming.provider.url", "localhost:1099");
| return new InitialContext(env);
| }
|
| static class AppCallbackHandler implements CallbackHandler {
| private String username;
| private char[] password;
| public AppCallbackHandler(String username, char[] password) {
| this.username = username;
| this.password = password;
| }
| public void handle(Callback[] callbacks) throws java.io.IOException,
UnsupportedCallbackException {
| for (int i = 0; i < callbacks.length; i++) {
| if (callbacks instanceof NameCallback) {
| NameCallback nc = (NameCallback) callbacks;
| nc.setName(username);
| } else if (callbacks instanceof PasswordCallback) {
| PasswordCallback pc = (PasswordCallback) callbacks;
| pc.setPassword(password);
| } else {
| throw new UnsupportedCallbackException(callbacks,
"Unrecognized Callback");
| }
| }
| }
| }
|
| }
|
auth.conf:
| ...
| <application-policy name = "client-login">
| <authentication>
| <login-module code = "org.jboss.security.ClientLoginModule" flag
= "required"></login-module>
| </authentication>
| </application-policy>
| ...
|
jbossmq-docImport-service.xml:
| <server>
| <mbean code="org.jboss.mq.server.jmx.Queue"
| name="jboss.mq.destination:service=Queue,name=docImportQueue">
| <depends
optional-attribute-name="DestinationManager">jboss.mq:service=DestinationManager</depends>
| <depends
optional-attribute-name="SecurityManager">jboss.mq:service=SecurityManager</depends>
| <attribute name="SecurityConf">
| <security>
| <role name="publisher" read="true" write="true" create="true"/>
| <role name="guest" read="false" write="false" create="false"/>
| </security>
| </attribute>
| </mbean>
| </server>
|
|
further: i added publisher to the jms_roles and jms_users-tables.
i didn't changed the members \conf\login-config.xml and
\deploy\jms\jbossmq-service.xml)
Exception:
| javax.jms.JMSSecurityException: Connection not authorized to addMessages to
destination: docImportQueue
| at
org.jboss.mq.security.ServerSecurityInterceptor.addMessage(ServerSecurityInterceptor.java:152)
| at
org.jboss.mq.server.TracingInterceptor.addMessage(TracingInterceptor.java:270)
| at
org.jboss.mq.server.JMSServerInvoker.addMessage(JMSServerInvoker.java:136)
| at
org.jboss.mq.il.uil2.ServerSocketManagerHandler.handleMsg(ServerSocketManagerHandler.java:92)
| at
org.jboss.mq.il.uil2.SocketManager$ReadTask.handleMsg(SocketManager.java:369)
| at org.jboss.mq.il.uil2.msgs.BaseMsg.run(BaseMsg.java:377)
| at
EDU.oswego.cs.dl.util.concurrent.PooledExecutor$Worker.run(PooledExecutor.java:748)
| at java.lang.Thread.run(Thread.java:595)
|
server.log:
| 2005-08-04 17:39:13,906 DEBUG [org.jboss.mq.il.uil2.SocketManager] Begin
ReadTask.run
| 2005-08-04 17:39:13,906 DEBUG [org.jboss.mq.il.uil2.SocketManager] Created
ObjectInputStream
| 2005-08-04 17:39:13,906 DEBUG [org.jboss.mq.il.uil2.SocketManager] Begin
WriteTask.run
| 2005-08-04 17:39:13,906 DEBUG [org.jboss.mq.il.uil2.SocketManager] Created
ObjectOutputStream
|
| 2005-08-04 17:39:13,906 TRACE
[org.jboss.mq.security.ServerSecurityInterceptor] Autenticating user null/null
| 2005-08-04 17:39:13,906 TRACE
[org.jboss.security.plugins.JaasSecurityManager.jbossmq] Begin isValid,
principal:null, cache info: null
| 2005-08-04 17:39:13,906 TRACE
[org.jboss.security.plugins.JaasSecurityManager.jbossmq] defaultLogin,
principal=null
|
| 2005-08-04 17:39:13,906 TRACE
[org.jboss.security.auth.login.XMLLoginConfigImpl] Begin
getAppConfigurationEntry(jbossmq), size=8
| 2005-08-04 17:39:13,906 TRACE
[org.jboss.security.auth.login.XMLLoginConfigImpl] End
getAppConfigurationEntry(jbossmq), authInfo=AppConfigurationEntry[]:
| [0]
| LoginModule Class: org.jboss.security.auth.spi.DatabaseServerLoginModule
| ControlFlag: Anmeldemodul-Steuerflag: required
| Options:name=rolesQuery, value=SELECT ROLEID, 'Roles' FROM JMS_ROLES WHERE
USERID=?
| name=principalsQuery, value=SELECT PASSWD FROM JMS_USERS WHERE USERID=?
| name=unauthenticatedIdentity, value=guest
| name=dsJndiName, value=java:/DefaultDS
|
| 2005-08-04 17:39:13,921 TRACE
[org.jboss.security.auth.spi.DatabaseServerLoginModule] initialize, [EMAIL
PROTECTED]
| 2005-08-04 17:39:13,921 TRACE
[org.jboss.security.auth.spi.DatabaseServerLoginModule] Saw
unauthenticatedIdentity=guest
| 2005-08-04 17:39:13,921 TRACE
[org.jboss.security.auth.spi.DatabaseServerLoginModule]
DatabaseServerLoginModule, dsJndiName=java:/DefaultDS
| 2005-08-04 17:39:13,921 TRACE
[org.jboss.security.auth.spi.DatabaseServerLoginModule] principalsQuery=SELECT
PASSWD FROM JMS_USERS WHERE USERID=?
| 2005-08-04 17:39:13,921 TRACE
[org.jboss.security.auth.spi.DatabaseServerLoginModule] rolesQuery=SELECT
ROLEID, 'Roles' FROM JMS_ROLES WHERE USERID=?
| 2005-08-04 17:39:13,921 TRACE
[org.jboss.security.auth.spi.DatabaseServerLoginModule] login
| 2005-08-04 17:39:13,921 TRACE
[org.jboss.security.auth.spi.DatabaseServerLoginModule] Authenticating as
unauthenticatedIdentity=guest
| 2005-08-04 17:39:13,921 TRACE
[org.jboss.security.auth.spi.DatabaseServerLoginModule] User 'guest'
authenticated, loginOk=true
| 2005-08-04 17:39:13,921 TRACE
[org.jboss.security.auth.spi.DatabaseServerLoginModule] commit, loginOk=true
| 2005-08-04 17:39:13,921 TRACE
[org.jboss.security.plugins.JaasSecurityManager.HsqlDbRealm] Begin isValid,
principal:null, cache info: [EMAIL PROTECTED](101915)[EMAIL
PROTECTED](sa),credential.class=null,expirationTime=1123171735734]
| 2005-08-04 17:39:13,921 TRACE
[org.jboss.security.plugins.JaasSecurityManager.HsqlDbRealm] Begin
validateCache, [EMAIL PROTECTED](101915)[EMAIL
PROTECTED](sa),credential.class=null,expirationTime=1123171735734];credential.class=null
| 2005-08-04 17:39:13,921 TRACE
[org.jboss.security.plugins.JaasSecurityManager.HsqlDbRealm] End validateCache,
isValid=true
| 2005-08-04 17:39:13,921 TRACE
[org.jboss.security.plugins.JaasSecurityManager.HsqlDbRealm] End isValid, true
| 2005-08-04 17:39:13,921 TRACE
[org.jboss.security.auth.spi.DatabaseServerLoginModule] Assign user to role
guest
| 2005-08-04 17:39:13,921 TRACE
[org.jboss.security.auth.spi.DatabaseServerLoginModule] Assign user to role j2ee
| 2005-08-04 17:39:13,921 TRACE
[org.jboss.security.auth.spi.DatabaseServerLoginModule] Assign user to role john
| 2005-08-04 17:39:13,921 TRACE
[org.jboss.security.plugins.JaasSecurityManager.jbossmq] defaultLogin, [EMAIL
PROTECTED], subject=Subject(26367546)[EMAIL PROTECTED](guest)[EMAIL
PROTECTED](Roles(members:j2ee,guest,john))
| 2005-08-04 17:39:13,921 TRACE
[org.jboss.security.plugins.JaasSecurityManager.jbossmq] updateCache,
inputSubject=Subject(26367546)[EMAIL PROTECTED](guest)[EMAIL
PROTECTED](Roles(members:j2ee,guest,john)),
cacheSubject=Subject(25423514)[EMAIL PROTECTED](guest)[EMAIL
PROTECTED](Roles(members:j2ee,guest,john))
| 2005-08-04 17:39:13,921 TRACE
[org.jboss.security.plugins.JaasSecurityManager.jbossmq] Inserted cache info:
[EMAIL PROTECTED](25423514)[EMAIL PROTECTED](guest)[EMAIL
PROTECTED](Roles(members:j2ee,guest,john)),credential.class=null,expirationTime=1123171736062]
| 2005-08-04 17:39:13,921 TRACE
[org.jboss.security.plugins.JaasSecurityManager.jbossmq] End isValid, true
| 2005-08-04 17:39:13,921 TRACE [org.jboss.mq.security.SecurityManager]
Username: null is authenticated
| 2005-08-04 17:39:13,921 TRACE [org.jboss.mq.security.SecurityManager]
Adding group : class org.jboss.security.SimpleGroup
Roles(members:j2ee,guest,john)
| 2005-08-04 17:39:13,937 DEBUG
[org.jboss.mq.il.uil2.ServerSocketManagerHandler] Setting up the UILClientIL
Connection
| 2005-08-04 17:39:13,937 DEBUG
[org.jboss.mq.il.uil2.ServerSocketManagerHandler] The UILClientIL Connection is
set up
| 2005-08-04 17:39:13,953 TRACE
[org.jboss.security.plugins.JaasSecurityManager.HsqlDbRealm] Begin isValid,
principal:null, cache info: [EMAIL PROTECTED](101915)[EMAIL
PROTECTED](sa),credential.class=null,expirationTime=1123171735734]
| 2005-08-04 17:39:13,953 TRACE
[org.jboss.security.plugins.JaasSecurityManager.HsqlDbRealm] Begin
validateCache, [EMAIL PROTECTED](101915)[EMAIL
PROTECTED](sa),credential.class=null,expirationTime=1123171735734];credential.class=null
| 2005-08-04 17:39:13,953 TRACE
[org.jboss.security.plugins.JaasSecurityManager.HsqlDbRealm] End validateCache,
isValid=true
| 2005-08-04 17:39:13,953 TRACE
[org.jboss.security.plugins.JaasSecurityManager.HsqlDbRealm] End isValid, true
| 2005-08-04 17:39:13,953 TRACE [org.jboss.mq.sm.jdbc.JDBCStateManager]
Client id 'ID:1' is logged in.
| 2005-08-04 17:39:14,015 TRACE [org.jboss.mq.security.SecurityManager]
Checking authorize on subjectInfo: SubjectInfo {subject=Betreff:
| Principal: guest
| Principal: Roles(members:j2ee,guest,john)
| ;principal=null;roles=Roles(members:j2ee,guest,john) for rolePrincipals
[publisher]
| 2005-08-04 17:39:14,500 DEBUG
[org.jboss.mq.il.uil2.ServerSocketManagerHandler] Exiting on IOE
| java.net.SocketException: Connection reset
| at java.net.SocketInputStream.read(SocketInputStream.java:168)
| at java.io.BufferedInputStream.fill(BufferedInputStream.java:218)
| at java.io.BufferedInputStream.read(BufferedInputStream.java:235)
| at
org.jboss.util.stream.NotifyingBufferedInputStream.read(NotifyingBufferedInputStream.java:67)
| at
java.io.ObjectInputStream$PeekInputStream.peek(ObjectInputStream.java:2200)
| at
java.io.ObjectInputStream$BlockDataInputStream.readBlockHeader(ObjectInputStream.java:2380)
| at
java.io.ObjectInputStream$BlockDataInputStream.refill(ObjectInputStream.java:2447)
| at
java.io.ObjectInputStream$BlockDataInputStream.read(ObjectInputStream.java:2519)
| at
java.io.ObjectInputStream$BlockDataInputStream.readByte(ObjectInputStream.java:2668)
| at java.io.ObjectInputStream.readByte(ObjectInputStream.java:864)
| at
org.jboss.mq.il.uil2.SocketManager$ReadTask.run(SocketManager.java:290)
| at java.lang.Thread.run(Thread.java:595)
| 2005-08-04 17:39:14,515 TRACE [org.jboss.mq.sm.jdbc.JDBCStateManager]
Client id 'ID:1' is logged out.
| 2005-08-04 17:39:14,515 DEBUG [org.jboss.mq.il.uil2.SocketManager] End
ReadTask.run
| 2005-08-04 17:39:14,515 DEBUG [org.jboss.mq.il.uil2.SocketManager] End
WriteTask.run
|
it seems to me, that the principal will not be passed (i know there are a lot
of topics in the form about this problem, but most of the people "didn't
activate" the ClientLoginModule).
can anybody please give me a hint?
thank you!
marc
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3888477#3888477
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3888477
-------------------------------------------------------
SF.Net email is Sponsored by the Better Software Conference & EXPO
September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
_______________________________________________
JBoss-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jboss-user
