[jboss-user] [Beginners Corner] - Re: Authentication Error

2009-08-20 Thread Wolfgang Knauf 
I would advice you to subclass 
org.jboss.security.auth.spi.AbstractServerLoginModule or one of its subclasses. 
This way, JBoss specific code might already be present. You could also compare 
your code to their implementation.

But I don't know whether this helps.

Wolfgang

View the original post : 
http://www.jboss.org/index.html?module=bbop=viewtopicp=4250684#4250684

Reply to the post : 
http://www.jboss.org/index.html?module=bbop=postingmode=replyp=4250684
___
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user

[jboss-user] [Beginners Corner] - Re: Authentication Error

2009-08-20 Thread lesquivel 
Hello Wolfgang,

Thank you for your response.  I will try what you mention.  I will post an 
answer if I figure it out.

Thanks again.

Luis

View the original post : 
http://www.jboss.org/index.html?module=bbop=viewtopicp=4250688#4250688

Reply to the post : 
http://www.jboss.org/index.html?module=bbop=postingmode=replyp=4250688
___
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user

[jboss-user] [Beginners Corner] - Re: Authentication Error

2009-08-19 Thread Wolfgang Knauf 
Hi,

which JBoss version? 

I assume that you use a custom login module? If yes: please post it, too.

In general, you should provide is with much more details about your app.

Also, in the Post reply window, you should wrap all config and code snippets 
in Code-Blocks (see toolbar button), because this increases readability.

Best regards

Wolfgang

View the original post : 
http://www.jboss.org/index.html?module=bbop=viewtopicp=4250385#4250385

Reply to the post : 
http://www.jboss.org/index.html?module=bbop=postingmode=replyp=4250385
___
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user

[jboss-user] [Beginners Corner] - Re: Authentication Error

2009-08-19 Thread lesquivel 
Hello Wolfgang and thanks for your reply!

Ok, here is more information thanks for your patience.

I am using JBoss 5.1.0GA - JDK6.  
I am also usuing a custom login config.  Below is the configuration:

  | application-policy name=MYCOMPANY-login-module
  |   authentication
  | login-module code=org.MYCOMPANY.security.auth.MYCOMPANYLoginModule 
flag=required
  |   module-option name = modeUSER/module-option
  |  
  | /login-module
  | 
  |   /authentication
  | /application-policy
  | 
  | 

Part of the Login Module Code:

  | 
  | public boolean login() throws LoginException
  |   {
  | Session ses = null;
  | try
  | {
  |   valid = false;
  |   int code;
  |   NameCallback n = new NameCallback(User Name - , Guest);
  |   PasswordCallback p = new PasswordCallback(Password - , false);
  | 
  |   callbackHandler.handle(new Callback[]{n, p});
  |   userName = n.getName().trim();
  |   password = new String(p.getPassword()).trim();
  |   code = General.getLoginID(userName, password); //validate login with 
username code 0 successfully authenticated
  |   if (code  0) //if valid login ID was found for user name and password
  |   {
  | ses = HibernateFactory.getInstance().getSession();
  | Login login = (Login)ses.load(Login.class, Integer.toString(code));
  | namePrincipal = new MYCOMPANYPrincipal(login);
  | valid = true;
  |   }
  |   else if (isValidUserName(userName)  
Employers.isValidTemporaryPassword(userName, password)) //if user name and 
password are valid
  |   {
  | NewEmployeePrincipal nep = new NewEmployeePrincipal(userName);
  | Login login = new Login();
  | login.getAssociations().add(nep);
  | login.setCurrentAssociation(nep);
  | login.setName(userName);
  | namePrincipal = new MYCOMPANYPrincipal(login);
  | valid = true;
  |   }
  |   if (!valid)
  |   {
  | logger.info(NOT A VALID login() - Invalid Username/Password 
combination - MYCOMPANYLoginModule.login());
  | 
  |   }
  |   return valid;
  | }
  | catch(Throwable t)
  | {
  |   t.printStackTrace();
  |   logger.error(Exception - MYCOMPANYLoginModule:  , t);
  |   SessionLog.exception(this.getClass().getName() + .login() exception: 
, t);
  |   throw new LoginException(this.getClass().getName() + .login() 
exception:  + t);
  | }
  | finally
  | {
  |   if (ses != null)
  |   {
  | try
  | {
  |   ses.close();
  | }
  | catch(Exception e)
  | {
  |   SessionLog.exception(this.getClass().getName() + .login() 
exception: , e);
  | }
  |   }
  | }
  |   }
  | 
  | 

Everything returns as I expect on the login code. I still have more work on my 
part to integrate another login module that deals with roles for our 
authentication but what throws me off is that exception message that the 
security context has not been set.  

I hope this is the information you need to help.  Please let me know if there 
is anything else I can look at or post here.

Thanks again!


View the original post : 
http://www.jboss.org/index.html?module=bbop=viewtopicp=4250404#4250404

Reply to the post : 
http://www.jboss.org/index.html?module=bbop=postingmode=replyp=4250404
___
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user

[jboss-user] [Beginners Corner] - Re: Authentication Error

2009-08-19 Thread Wolfgang Knauf 
Hi,

what is the base class of your login module? You might take a look at JBoss 
classes which are also derived from this one, maybe they provide you with some 
hint.

I fear that we are leaving the field of my knowledge, but I try to give you 
further help.

Wolfgang

View the original post : 
http://www.jboss.org/index.html?module=bbop=viewtopicp=4250407#4250407

Reply to the post : 
http://www.jboss.org/index.html?module=bbop=postingmode=replyp=4250407
___
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user

[jboss-user] [Beginners Corner] - Re: Authentication Error

2009-08-19 Thread lesquivel 
My login module class implements javax.security.auth.spi.LoginModule.

Do you think the problem is code and not a configuration issue?

Thanks

View the original post : 
http://www.jboss.org/index.html?module=bbop=viewtopicp=4250409#4250409

Reply to the post : 
http://www.jboss.org/index.html?module=bbop=postingmode=replyp=4250409
___
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user

[jboss-user] [Beginners Corner] - Re: Authentication Error

2009-08-18 Thread Wolfgang Knauf 
Hi,

I think you should post the entire exception here ;-), and also: when does the 
error happen (on deploy, on login)? Please post snippets of the security config.

Doing a bit of google with your error message, I found this: 
http://www.jboss.org/index.html?module=bbop=viewtopict=151883 Maybe the 

Best regards

Wolfgang

View the original post : 
http://www.jboss.org/index.html?module=bbop=viewtopicp=4250074#4250074

Reply to the post : 
http://www.jboss.org/index.html?module=bbop=postingmode=replyp=4250074
___
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user

[jboss-user] [Beginners Corner] - Re: Authentication Error

2009-08-18 Thread lesquivel 
Hello Wolfgang,

Thank you for your reponse!  The error happens during login.  
Below I have my login-config.xml and the entire exception.

Thanks!!

login-config.xml:
application-policy name=XYZ-login-module
  
login-module code=org.XYZ.security.auth.XYZLoginModule flag=required
  module-option name = modeUSER/module-option
/login-module
  
/application-policy

Exception:
08:10:05,523 ERROR [JBossWebRealm] Error during authenticate
java.lang.IllegalStateException: Security Context has not been set
at org.jboss.web.tomcat.security.SecurityAssociationActions$SetPrincipal
InfoAction.run(SecurityAssociationActions.java:70)
at java.security.AccessController.doPrivileged(Native Method)
at org.jboss.web.tomcat.security.SecurityAssociationActions.setPrincipal
Info(SecurityAssociationActions.java:270)
at org.jboss.web.tomcat.security.JBossWebRealm.authenticate(JBossWebReal
m.java:388)
at org.apache.catalina.authenticator.FormAuthenticator.authenticate(Form
Authenticator.java:258)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica
torBase.java:417)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValv
e.java:92)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.proce
ss(SecurityContextEstablishmentValve.java:126)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invok
e(SecurityContextEstablishmentValve.java:70)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:102)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedC
onnectionValve.java:158)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:330)
at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:436)
at org.apache.coyote.ajp.AjpProtocol$AjpConnectionHandler.process(AjpPro
tocol.java:384)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:44
7)
at java.lang.Thread.run(Thread.java:619)


View the original post : 
http://www.jboss.org/index.html?module=bbop=viewtopicp=4250201#4250201

Reply to the post : 
http://www.jboss.org/index.html?module=bbop=postingmode=replyp=4250201
___
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user