Bugs item #809152, was opened at 2003-09-19 01:34
Message generated for change (Settings changed) made by starksm
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=376685&aid=809152&group_id=22866
Category: JBossSX
Group: v3.2
>Status: Closed
>Resolution: Invalid
Priority: 5
Submitted By: Juan Martinez (juanmartinez)
Assigned to: Nobody/Anonymous (nobody)
Summary: LoginContext between WAR and JAR in EAR
Initial Comment:
I've made small testcase that shows that LoginContext
fails in an EAR file (servlet calls slsb).
10:07:05,000 ERROR [SecurityInterceptor]
Authentication exception, principal=null
10:07:05,005 ERROR [LogInterceptor] EJBException,
causedBy:
java.lang.SecurityException: Authentication exception,
principal=null
at
org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:164)
at
org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:81)
at
org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:120)
at
org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyFactoryFinderInterceptor.java:93)
at
org.jboss.ejb.StatelessSessionContainer.internalInvokeHome(StatelessSessionContainer.java:319)
at
org.jboss.ejb.Container.invoke(Container.java:720)
at
sun.reflect.NativeMethodAccessorImpl.invoke0(Native
Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at
java.lang.reflect.Method.invoke(Method.java:324)
at
org.jboss.mx.capability.ReflectedMBeanDispatcher.invoke(ReflectedMBeanDispatcher.java:284)
at
org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:546)
at
org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:101)
at
org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:90)
at
org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:46)
at
org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:45)
at
org.jboss.proxy.ejb.HomeInterceptor.invoke(HomeInterceptor.java:173)
at
org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:85)
at $Proxy37.create(Unknown Source)
at web.EJBServlet.doGet(Unknown Source)
at
javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at
javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
You must define a "MyRealm" (UsersRoles) in
login-config.xml
<application-policy name = "MyRealm">
<authentication>
<login-module
code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag = "required" />
</authentication>
</application-policy>
and "Sample" in .java.login.config with the
ClientLogin
Sample {
org.jboss.security.ClientLoginModule required;
};
If I run the WAR from Jetty to the EAR everything
works.
Ran on jboss-3.2.2rc4 release using tomcat (jetty was
4.2.12).
Hope that this can be used (I'm a J2EE newbie still).
Juan
----------------------------------------------------------------------
>Comment By: Scott M Stark (starksm)
Date: 2003-09-19 13:49
Message:
Logged In: YES
user_id=175228
The WEB-INF/jboss-web.xml descriptor needs to have a
security-domain element mapped to a config in the
login-config.xml file that includes the ClientLoginModule.
There is one called "client-login" so use:
<jboss-web>
<security-domain>java:/jaas/client-login</security-domain>
<context-root>/web</context-root>
...
I don't know where you got the .java.login.config config
file, maybe some jetty thing that does not apply to when a
web container is embedded inside of JBoss.
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=376685&aid=809152&group_id=22866
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
JBoss-Development mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-development
