Hello, Probably, it is stupid problem, but I am unable to resole it myself :(
I was going to implement very simple custom LoginModule in my web app discussed in section 8.4.7.2. 'A Custom LoginModule Example' of 'The JBoss 4 Application Server Guide' book published at http://docs.jboss.org/jbossas/jboss4guide/r4/html/index.html The following actions were done 1. jboss.xml file with the following content was put to WEB-INF directory of my web app: <?xml version="1.0" encoding="ISO-8859-1"?> | <jboss> | <security-domain>java:/jaas/My_web_security</security-domain> | </jboss> 2. login-config.xml file with the following content was put to WEB-INF directory of my web app: <policy> | <application-policy name = "My_web_security"> | <authentication> | <login-module code="com.mydomain.web.security.JbossLoginModule" flag="required"> | <module-option name = "userPathPrefix">/security/store/password</module-option> | <module-option name = "rolesPathPrefix">/security/store/roles</module-option> | </login-module> | </authentication> | </application-policy> | </policy> 3. The following security constraints were added into web.xml file <login-config> | <auth-method>FORM</auth-method> | <form-login-config> | <form-login-page>/pages/common/login.htm</form-login-page> | <form-error-page>/pages/common/loginerror.htm</form-error-page> | </form-login-config> | </login-config> | | <security-constraint> | <web-resource-collection> | <web-resource-name>MY_RESTRICTED</web-resource-name> | <url-pattern>/pages/secure/*</url-pattern> | </web-resource-collection> | <auth-constraint> | <role-name>MY_SYSADMIN</role-name> | <role-name>MY_LOADER</role-name> | <role-name>MY_DEFAULT</role-name> | </auth-constraint> | </security-constraint> | | <security-role> | <role-name>MY_SYSADMIN</role-name> | </security-role> | <security-role> | <role-name>MY_LOADER</role-name> | </security-role> | <security-role> | <role-name>MY_DEFAULT</role-name> | </security-role> 4. The following login module was created in my web app: package com.mydomain.web.security; | | import java.security.acl.Group; | import java.util.Map; | import javax.security.auth.Subject; | import javax.security.auth.callback.CallbackHandler; | import javax.security.auth.login.LoginException; | | import org.jboss.security.SimpleGroup; | import org.jboss.security.SimplePrincipal; | import org.jboss.security.auth.spi.UsernamePasswordLoginModule; | | /** | * An example custom login module. | */ | public class JbossLoginModule extends UsernamePasswordLoginModule { | private String userPathPrefix; | private String rolesPathPrefix; | | /** | * Override to obtain the userPathPrefix and rolesPathPrefix options. | */ | public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) | { | super.initialize(subject, callbackHandler, sharedState, options); | userPathPrefix = (String) options.get("userPathPrefix"); | rolesPathPrefix = (String) options.get("rolesPathPrefix"); | } | | /** | * Get the roles the current user belongs to. | */ | protected Group[] getRoleSets() throws LoginException | { | String rolesPath = rolesPathPrefix + '/' + super.getUsername(); | String[] roles = {"MY_SYSADMIN", "MY_LOADER", "MY_DEFAULT"}; | Group[] groups = {new SimpleGroup("Roles")}; | | for(int r = 0; r < roles.length; r ++) | { | SimplePrincipal role = new SimplePrincipal(roles[r]); | groups[0].addMember(role); | } | | return groups; | } | | /** | * Get the password of the current user. | */ | protected String getUsersPassword() throws LoginException | { | String userPath = userPathPrefix + '/' + super.getUsername(); | String passwd = "1"; | | return passwd; | } | } 5. login.htm and loginerror.htm pages were created Unfortunately, after deployment on JBOSS, the following exception is raised when username and password is submitted: 14:42:39,116 ERROR [CoyoteAdapter] An exception or error occurred in the container during the request processing | java.lang.ClassCastException: org.jboss.security.plugins.JaasSecurityManager cannot be cast to org.jboss.security.SubjectSecurityManager | at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.authenticate(JBossSecurityMgrRealm.java:488) | at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:258) | at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:417) | at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84) | at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) | at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104) | at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:156) | at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) | at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241) | at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844) | at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:580) | at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) | at java.lang.Thread.run(Thread.java:619) I tried to find something in Google about this error, but found nothing. Can anyone help me? JBOSS [Trinity] 4.2.0.GA (build: SVNTag=JBoss_4_2_0_GA date=200705111440) is used. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4051273#4051273 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4051273 _______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user