[jboss-user] [Beginners Corner] - Re: Authentication Error
I would advice you to subclass org.jboss.security.auth.spi.AbstractServerLoginModule or one of its subclasses. This way, JBoss specific code might already be present. You could also compare your code to their implementation. But I don't know whether this helps. Wolfgang View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=4250684#4250684 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=4250684 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Beginners Corner] - Re: Authentication Error
Hello Wolfgang, Thank you for your response. I will try what you mention. I will post an answer if I figure it out. Thanks again. Luis View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=4250688#4250688 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=4250688 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Beginners Corner] - Re: Authentication Error
Hi, which JBoss version? I assume that you use a custom login module? If yes: please post it, too. In general, you should provide is with much more details about your app. Also, in the Post reply window, you should wrap all config and code snippets in Code-Blocks (see toolbar button), because this increases readability. Best regards Wolfgang View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=4250385#4250385 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=4250385 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Beginners Corner] - Re: Authentication Error
Hello Wolfgang and thanks for your reply! Ok, here is more information thanks for your patience. I am using JBoss 5.1.0GA - JDK6. I am also usuing a custom login config. Below is the configuration: | application-policy name=MYCOMPANY-login-module | authentication | login-module code=org.MYCOMPANY.security.auth.MYCOMPANYLoginModule flag=required | module-option name = modeUSER/module-option | | /login-module | | /authentication | /application-policy | | Part of the Login Module Code: | | public boolean login() throws LoginException | { | Session ses = null; | try | { | valid = false; | int code; | NameCallback n = new NameCallback(User Name - , Guest); | PasswordCallback p = new PasswordCallback(Password - , false); | | callbackHandler.handle(new Callback[]{n, p}); | userName = n.getName().trim(); | password = new String(p.getPassword()).trim(); | code = General.getLoginID(userName, password); //validate login with username code 0 successfully authenticated | if (code 0) //if valid login ID was found for user name and password | { | ses = HibernateFactory.getInstance().getSession(); | Login login = (Login)ses.load(Login.class, Integer.toString(code)); | namePrincipal = new MYCOMPANYPrincipal(login); | valid = true; | } | else if (isValidUserName(userName) Employers.isValidTemporaryPassword(userName, password)) //if user name and password are valid | { | NewEmployeePrincipal nep = new NewEmployeePrincipal(userName); | Login login = new Login(); | login.getAssociations().add(nep); | login.setCurrentAssociation(nep); | login.setName(userName); | namePrincipal = new MYCOMPANYPrincipal(login); | valid = true; | } | if (!valid) | { | logger.info(NOT A VALID login() - Invalid Username/Password combination - MYCOMPANYLoginModule.login()); | | } | return valid; | } | catch(Throwable t) | { | t.printStackTrace(); | logger.error(Exception - MYCOMPANYLoginModule: , t); | SessionLog.exception(this.getClass().getName() + .login() exception: , t); | throw new LoginException(this.getClass().getName() + .login() exception: + t); | } | finally | { | if (ses != null) | { | try | { | ses.close(); | } | catch(Exception e) | { | SessionLog.exception(this.getClass().getName() + .login() exception: , e); | } | } | } | } | | Everything returns as I expect on the login code. I still have more work on my part to integrate another login module that deals with roles for our authentication but what throws me off is that exception message that the security context has not been set. I hope this is the information you need to help. Please let me know if there is anything else I can look at or post here. Thanks again! View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=4250404#4250404 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=4250404 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Beginners Corner] - Re: Authentication Error
Hi, what is the base class of your login module? You might take a look at JBoss classes which are also derived from this one, maybe they provide you with some hint. I fear that we are leaving the field of my knowledge, but I try to give you further help. Wolfgang View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=4250407#4250407 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=4250407 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Beginners Corner] - Re: Authentication Error
My login module class implements javax.security.auth.spi.LoginModule. Do you think the problem is code and not a configuration issue? Thanks View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=4250409#4250409 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=4250409 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Beginners Corner] - Re: Authentication Error
Hi, I think you should post the entire exception here ;-), and also: when does the error happen (on deploy, on login)? Please post snippets of the security config. Doing a bit of google with your error message, I found this: http://www.jboss.org/index.html?module=bbop=viewtopict=151883 Maybe the Best regards Wolfgang View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=4250074#4250074 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=4250074 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Beginners Corner] - Re: Authentication Error
Hello Wolfgang, Thank you for your reponse! The error happens during login. Below I have my login-config.xml and the entire exception. Thanks!! login-config.xml: application-policy name=XYZ-login-module login-module code=org.XYZ.security.auth.XYZLoginModule flag=required module-option name = modeUSER/module-option /login-module /application-policy Exception: 08:10:05,523 ERROR [JBossWebRealm] Error during authenticate java.lang.IllegalStateException: Security Context has not been set at org.jboss.web.tomcat.security.SecurityAssociationActions$SetPrincipal InfoAction.run(SecurityAssociationActions.java:70) at java.security.AccessController.doPrivileged(Native Method) at org.jboss.web.tomcat.security.SecurityAssociationActions.setPrincipal Info(SecurityAssociationActions.java:270) at org.jboss.web.tomcat.security.JBossWebRealm.authenticate(JBossWebReal m.java:388) at org.apache.catalina.authenticator.FormAuthenticator.authenticate(Form Authenticator.java:258) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica torBase.java:417) at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValv e.java:92) at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.proce ss(SecurityContextEstablishmentValve.java:126) at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invok e(SecurityContextEstablishmentValve.java:70) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j ava:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j ava:102) at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedC onnectionValve.java:158) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal ve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav a:330) at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:436) at org.apache.coyote.ajp.AjpProtocol$AjpConnectionHandler.process(AjpPro tocol.java:384) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:44 7) at java.lang.Thread.run(Thread.java:619) View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=4250201#4250201 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=4250201 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user