In order for jboss to authenticate a webapp or ejb with a user coming from JAAS, the JAAS module must use org.jboss.security.SimplePrincipal and org.jboss.security.SimpleGroup.
This is just a hunch, but OC4J might also require an oracle specific princial. A quick search gave me these two classes.
oracle.j2ee.connector.InitiatingPrincipal oracle.j2ee.connector.InitiatingGroup
hope this helps.
-Ryan Rhodes
From: Andrew Tibets <[EMAIL PROTECTED]> Reply-To: Andrew Tibets <[EMAIL PROTECTED]> To: Slide Users Mailing List <[email protected]> Subject: JCA Connector/authentication Date: Mon, 24 Jan 2005 12:31:12 +0200
Hello,
I use Slide with jaas on OC4J. I packaged slide.war with ejb module to ear file.
When I access Slide through browser the login window appears,
I enter username: root password: root, Slide authentication goes as "root".
But when I access through WebDAV JCA Connector or DAVExplorer
Slide authentication goes as "unauthenticated" and I cannot access /slide/files.
ejb-jar.xml:
<resource-ref>
<res-ref-name>jca/WebDAV-Connector</res-ref-name>
<res-type>org.apache.webdav.connector.WebDAVConnectionFactory</res-type>
<res-auth>Application</res-auth>
</resource-ref>
ejb class:
url = (String) findEnvEntryValue(SERVER_URI);
userName = (String) findEnvEntryValue(SERVER_USER_NAME);
password = (String) findEnvEntryValue(SERVER_PASSWORD);
timeout = (Integer) findEnvEntryValue(SERVER_TRANSACTION_TIMEOUT);
WebDAVConnectionSpec spec = new WebDAVConnectionSpec(url, userName, password, timeout.intValue());
return (WebDAVConnection) factory.getConnection(spec);
url = http://pc268/slide/files username = root password = root timeout = 50
log: through browser
05/01/24 11:09:28 JAAS-OC4J: Membership check for group: user failed for user: jazn.com/anonymous
05/01/24 11:09:28 JAAS-OC4J: Membership check for group: root failed for user: jazn.com/anonymous
05/01/24 11:09:28 JAAS-OC4J: Membership check for group: guest failed for user: jazn.com/anonymous
05/01/24 11:09:33 AJPRequestHandler-ApplicationServerThread-5, 24-Jan-2005 11:09:33, root, GET, 200 "OK", 31 ms, /
log: through DAVExplorer 05/01/24 11:10:52 AJPRequestHandler-ApplicationServerThread-5, 24-Jan-2005 11:10:52, unauthenticated, OPTIONS, 200 "OK", 16 ms, / 05/01/24 11:10:52 AJPRequestHandler-ApplicationServerThread-5, 24-Jan-2005 11:10:52, unauthenticated, PROPFIND, 207 "Multi-Status", 109 ms, /
log: through WebDAV JCA Connector
05/01/24 11:12:14 24 Jan 2005 11:12:14 - org.apache.slide.common.Domain
- ERROR - [SlideLoginModule] - Failure during login()
- Access denied on /users by user unauthenticated for action /actions/read
05/01/24 11:12:14 24 Jan 2005 11:12:14 - org.apache.slide.common.Domain
- ERROR - org.apache.slide.security.AccessDeniedException:
Access denied on /users by user unauthenticated for action /actions/read
05/01/24 11:12:14 org.apache.slide.security.AccessDeniedException:
Access denied on /users by user unauthenticated for action /actions/read
05/01/24 11:12:14 at org.apache.slide.security.SecurityImpl.checkCredentials(SecurityImpl.java:409)
05/01/24 11:12:14 at org.apache.slide.structure.StructureImpl.retrieve(StructureImpl.java:179)
05/01/24 11:12:14 at org.apache.slide.content.ContentImpl.retrieve(ContentImpl.java:155)
...
05/01/24 11:12:14 Authentication Failed
05/01/24 11:12:14 Authentication: FAILED.
05/01/24 11:12:14 JAAS-OC4J: Authentication failure for user:
Why access through DAVExplorer/Connector is authenticated as "unauthenticated"?
Thanks. -- Best regards, Andrew mailto:[EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
