Re: [JBoss-user] JAAS Based Security in JBoss
thanks scott, my error is that my both dist/auth.conf and client/auth.conf are the same. they must be different. client should call ClientLoginModule thierry
Re: [JBoss-user] JAAS Based Security in JBoss
If the auth.conf file in your jboss_dist/client directory is as you indicate then that
is the problem. That is the auth.conf file for the server and should be in the
jboss_dist/conf/default directory. You jboss_dist/client/auth.conf file should be
the default one shipped with the distribution which contains:
client 780>cat auth.conf
srp {
// Example client auth.conf for using the SRPLoginModule
org.jboss.srp.jaas.SRPLoginModule required
password-stacking="useFirstPass"
principalClassName="org.jboss.security.SimplePrincipal"
srpServerJndiName="SRPServerInterface"
debug=true
;
// jBoss LoginModule
org.jboss.security.ClientLoginModule required
password-stacking="useFirstPass"
;
// Put your login modules that need jBoss here
};
other {
// Put your login modules that work without jBoss here
// jBoss LoginModule
org.jboss.security.ClientLoginModule required;
// Put your login modules that need jBoss here
};
- Original Message -
From: "thierry birre" <[EMAIL PROTECTED]>
To: "danch" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Thursday, March 22, 2001 12:44 AM
Subject: Re: [JBoss-user] JAAS Based Security in JBoss
> hi danch,
>
> my client/auth.conf on server side is :
> simple org.jboss.security.plugins.samples.SimpleServerLoginModule required;
> };
> // The default server login module
> other {org.jboss.security.plugins.samples.JaasServerLoginModule
> required;
> };
> session-roles {
> org.jboss.security.plugins.samples.JaasServerLoginModule required
> password-stacking="useFirstPass";
> org.jboss.security.plugins.samples.RolesLoginModule required;
> };
>
> yes i have a jboss.xml in my .jar's META-INF
> that sets:
> java:/jaas/other
> and only for the container config that i wil use for this sample :
> Standard Stateless SessionBean
>
> java:/jaas/session-roles
>
> and i have no old files of older version in my classpath.
> all jar files loaded in the classpath came from the dist/lib or dist/lib/ext
> where dist={jboss_home}
>
> and i have no add lines on my standardjboss.xml
> false
> and no
> no
> and no
>
> where is the problem ?
>
> thierry
___
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user
Re: [JBoss-user] JAAS Based Security in JBoss
hi danch,
my client/auth.conf on server side is :
simple org.jboss.security.plugins.samples.SimpleServerLoginModule required;
};
// The default server login module
other {org.jboss.security.plugins.samples.JaasServerLoginModule
required;
};
session-roles {
org.jboss.security.plugins.samples.JaasServerLoginModule required
password-stacking="useFirstPass";
org.jboss.security.plugins.samples.RolesLoginModule required;
};
yes i have a jboss.xml in my .jar's META-INF
that sets:
java:/jaas/other
and only for the container config that i wil use for this sample :
Standard Stateless SessionBean
java:/jaas/session-roles
and i have no old files of older version in my classpath.
all jar files loaded in the classpath came from the dist/lib or dist/lib/ext
where dist={jboss_home}
and i have no add lines on my standardjboss.xml
false
and no
no
and no
where is the problem ?
thierry
- Original Message -
From: "danch" <[EMAIL PROTECTED]>
To: "Thierry Birre" <[EMAIL PROTECTED]>
Sent: Wednesday, March 21, 2001 4:58 PM
Subject: Re: [JBoss-user] JAAS Based Security in JBoss
> Hmm. This has been working for me for some time (although for the last
> week or so it was broken with different simptoms than yours - I don't
> know if this was my config or something that happened when the security
> was split into a separate module. At any rate CVS from this morning
works.)
>
> This 'null principal' makes me wonder: what does your server-side
> auth.conf look like. The stock one from the JBoss build should work.
> Do you have a jboss.xml in your jar's META-INF that sets
> authentication-module and role-mapping-manager? Are you sure you don't
> have older (maybe JBoss 2.0) stuff on your client's classpath?
>
> Thierry Birre wrote:
>
> > This message was sent from Geocrawler.com by "Thierry Birre"
<[EMAIL PROTECTED]>
> >
> > yes i'm calling from a stand-alone client and i
> > point this client to the good client/auth.conf
> >
> > java -Djava.security.auth.login.config=file://
> > ${jboss_home}/client/auth.conf SessionClient
> > scott echoman
> >
> > i have exactly follow config instructions of
> > the "JAAS Based Security in JBoss Custom Security
> > in JBoss Using the JBossSX Framework" page of the
> > new manual :
> > http://www.jboss.org/documentation/HTML/ch09s32.ht
> > ml
> >
> > but i always have the same error principal=null ?
> >
> > thanks!
> >
> > thierry
> >
> > ---
> > I assume that you're calling from a stand-alone
> > client? Did you point
> > that client at the auth.conf in the
> > /client directory, or
> > the one in conf/default? The client needs to read
> > the auth.conf from the
> > client directory in order to Do the Right Thing.
> >
> > danch
> >
> > thierry birre wrote:
> >
> >
> >> hi jboss-users
> >>
> >>
> >>
> >> i'm using the last 2.1 version of jboss with
> >
> > embedded tomcat on windows
> >
> >> 2000.
> >>
> >>
> >>
> >> i read the page of the new manual :
> >>
> >>
> >
> > http://www.jboss.org/documentation/HTML/ch09s32.ht
> > ml
> >
> >>
> >>
> >> after configuring all files :
> >>
> >> jboss.jcml, standardjboss.xml, auth.conf,
> >
> > roles.properties and
> >
> >> users.properties
> >>
> >> all the deployment phase is ok.
> >>
> >>
> >>
> >> but when i run the SessionClient i have a
> >
> > remote exception :
> >
> >>
> >>
> >> _on the client window :_
> >>
> >> Created LoginContext
> >> [JAASSecurity] User 'scott' authenticated.
> >> Found StatelessSessionHome
> >> java.rmi.ServerException: RemoteException
> >
> > occurred in server thread;
> >
> >> nested exception is:
> >> java.rmi.RemoteException:
> >
> > checkSecurityAssociation; nested
> >
> >> exception is:
> >> java.lang.SecurityException:
> >
> > Authentication exception
> >
> >> java.rmi.RemoteException:
> >
> > checkSecurityAssociation; nested exception is:
> >
> >> java.lang.SecurityException:
> >
> > Authentication exception
> >
> >> java.lang.SecurityException: Authentication
> >
> > exception
> >
> >>
RE: [JBoss-user] JAAS Based Security in JBoss
Title: RE: [JBoss-user] JAAS Based Security in JBoss
Your client should always use /client/auth.conf, the other one is to configure the SecurityManager Container. Again if you run Tomcat in standalone everything works fine.
standardjboss.xml
--
Standard Stateless SessionBean
java:/jaas/other
...
conf/default/auth.conf
===
other {
org.jboss.security.plugins.samples.JaasServerLoginModule required;
}
-Original Message-
From: danch [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, March 21, 2001 8:24 AM
To: [EMAIL PROTECTED]
Subject: Re: [JBoss-user] JAAS Based Security in JBoss
I assume that you're calling from a stand-alone client? Did you point
that client at the auth.conf in the /client directory, or
the one in conf/default? The client needs to read the auth.conf from the
client directory in order to Do the Right Thing.
danch
thierry birre wrote:
> hi jboss-users
>
>
>
> i'm using the last 2.1 version of jboss with embedded tomcat on windows
> 2000.
>
>
>
> i read the page of the new manual :
>
> http://www.jboss.org/documentation/HTML/ch09s32.html
>
>
>
> after configuring all files :
>
> jboss.jcml, standardjboss.xml, auth.conf, roles.properties and
> users.properties
>
> all the deployment phase is ok.
>
>
>
> but when i run the SessionClient i have a remote exception :
>
>
>
> _on the client window :_
>
> Created LoginContext
> [JAASSecurity] User 'scott' authenticated.
> Found StatelessSessionHome
> java.rmi.ServerException: RemoteException occurred in server thread;
> nested exception is:
> java.rmi.RemoteException: checkSecurityAssociation; nested
> exception is:
> java.lang.SecurityException: Authentication exception
> java.rmi.RemoteException: checkSecurityAssociation; nested exception is:
> java.lang.SecurityException: Authentication exception
> java.lang.SecurityException: Authentication exception
> at
> sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(Unknown
> Source)
> at sun.rmi.transport.StreamRemoteCall.executeCall(Unknown Source)
> at sun.rmi.server.UnicastRef.invoke(Unknown Source)
> at
> org.jboss.ejb.plugins.jrmp.server.JRMPContainerInvoker_Stub.invokeHome(Unknown
> Source)
> at
> org.jboss.ejb.plugins.jrmp.interfaces.HomeProxy.invoke(HomeProxy.java:248)
> at $Proxy0.create(Unknown Source)
> at SessionClient.main(SessionClient.java:78)
>
>
>
> _on the server window :_
>
> [J2EE Deployer Default] Deploy J2EE application:
> file:/C:/java/platform/dist/deploy/ssbean.jar
> [J2EE Deployer Default] Create application ssbean.jar
> [J2EE Deployer Default] install module ssbean.jar
> [Container factory]
> Deploying:file:/C:/java/platform/dist/tmp/deploy/Default/ssbean.jar
> [Verifier] Verifying
> file:/C:/java/platform/dist/tmp/deploy/Default/ssbean.jar/ejb1002.jar
> [Container factory] Deploying StatelessSession
> [Container factory] lookup securityManager name: java:/jaas/other
> [Container factory] JAAS.Created
> securityMgr=org.jboss.security.plugins.JaasSecurityManager@2696c2
> [Container factory] JAAS.setCachePolicy, c=null
> [Container factory] JAAS.Added session-roles,
> org.jboss.security.plugins.JaasSecurityManager@2696c2
> to map
> [Container factory] Deploying StatefulSession
> [Container factory] lookup securityManager name: java:/jaas/other
> [Container factory] Deployed application:
> file:/C:/java/platform/dist/tmp/deploy/Default/ssbean.jar
> [J2EE Deployer Default] J2EE application:
> file:/C:/java/platform/dist/deploy/ssbean.jar is deployed.
>
>
>
> [Auto deploy] Started
> [JMX RMI Adaptor] Starting
> [JMX RMI Adaptor] Started
> [JMX RMI Connector] Starting
> [JMX RMI Connector] Started
> [Service Control] Started 18 services
> [Default] JBoss PRE-2.1 Started in 0m:14s
> [StatelessSession] Authentication exception, principal=null
>
>
>
> i have looked for a solution in archives, but i can't find one !
>
>
>
> is it an error of configuration or classpath error or context error ?
>
>
>
> any help is welcome.
>
>
>
> thierry
___
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user
Re: [JBoss-user] JAAS Based Security in JBoss
I assume that you're calling from a stand-alone client? Did you point that client at the auth.conf in the /client directory, or the one in conf/default? The client needs to read the auth.conf from the client directory in order to Do the Right Thing. danch thierry birre wrote: > hi jboss-users > > > > i'm using the last 2.1 version of jboss with embedded tomcat on windows > 2000. > > > > i read the page of the new manual : > > http://www.jboss.org/documentation/HTML/ch09s32.html > > > > after configuring all files : > > jboss.jcml, standardjboss.xml, auth.conf, roles.properties and > users.properties > > all the deployment phase is ok. > > > > but when i run the SessionClient i have a remote exception : > > > > _on the client window :_ > > Created LoginContext > [JAASSecurity] User 'scott' authenticated. > Found StatelessSessionHome > java.rmi.ServerException: RemoteException occurred in server thread; > nested exception is: > java.rmi.RemoteException: checkSecurityAssociation; nested > exception is: > java.lang.SecurityException: Authentication exception > java.rmi.RemoteException: checkSecurityAssociation; nested exception is: > java.lang.SecurityException: Authentication exception > java.lang.SecurityException: Authentication exception > at > sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(Unknown > Source) > at sun.rmi.transport.StreamRemoteCall.executeCall(Unknown Source) > at sun.rmi.server.UnicastRef.invoke(Unknown Source) > at > org.jboss.ejb.plugins.jrmp.server.JRMPContainerInvoker_Stub.invokeHome(Unknown > Source) > at > org.jboss.ejb.plugins.jrmp.interfaces.HomeProxy.invoke(HomeProxy.java:248) > at $Proxy0.create(Unknown Source) > at SessionClient.main(SessionClient.java:78) > > > > _on the server window :_ > > [J2EE Deployer Default] Deploy J2EE application: > file:/C:/java/platform/dist/deploy/ssbean.jar > [J2EE Deployer Default] Create application ssbean.jar > [J2EE Deployer Default] install module ssbean.jar > [Container factory] > Deploying:file:/C:/java/platform/dist/tmp/deploy/Default/ssbean.jar > [Verifier] Verifying > file:/C:/java/platform/dist/tmp/deploy/Default/ssbean.jar/ejb1002.jar > [Container factory] Deploying StatelessSession > [Container factory] lookup securityManager name: java:/jaas/other > [Container factory] JAAS.Created > securityMgr=org.jboss.security.plugins.JaasSecurityManager@2696c2 > [Container factory] JAAS.setCachePolicy, c=null > [Container factory] JAAS.Added session-roles, > org.jboss.security.plugins.JaasSecurityManager@2696c2 > to map > [Container factory] Deploying StatefulSession > [Container factory] lookup securityManager name: java:/jaas/other > [Container factory] Deployed application: > file:/C:/java/platform/dist/tmp/deploy/Default/ssbean.jar > [J2EE Deployer Default] J2EE application: > file:/C:/java/platform/dist/deploy/ssbean.jar is deployed. > > > > [Auto deploy] Started > [JMX RMI Adaptor] Starting > [JMX RMI Adaptor] Started > [JMX RMI Connector] Starting > [JMX RMI Connector] Started > [Service Control] Started 18 services > [Default] JBoss PRE-2.1 Started in 0m:14s > [StatelessSession] Authentication exception, principal=null > > > > i have looked for a solution in archives, but i can't find one ! > > > > is it an error of configuration or classpath error or context error ? > > > > any help is welcome. > > > > thierry ___ JBoss-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-user
RE: [JBoss-user] JAAS Based Security in JBoss
I had the same problem with Tomcat embeded in Jboss 2.1, authentication works but authorization fails with jaas/other configuration. However if you run Tomcat as a separate process it works fine. -Original Message-From: thierry birre [mailto:[EMAIL PROTECTED]]Sent: Wednesday, March 21, 2001 4:28 AMTo: [EMAIL PROTECTED]Subject: [JBoss-user] JAAS Based Security in JBoss hi jboss-users i'm using the last 2.1 version of jboss with embedded tomcat on windows 2000. i read the page of the new manual : http://www.jboss.org/documentation/HTML/ch09s32.html after configuring all files : jboss.jcml, standardjboss.xml, auth.conf, roles.properties and users.properties all the deployment phase is ok. but when i run the SessionClient i have a remote exception : on the client window : Created LoginContext[JAASSecurity] User 'scott' authenticated.Found StatelessSessionHomejava.rmi.ServerException: RemoteException occurred in server thread; nested exception is: java.rmi.RemoteException: checkSecurityAssociation; nested exception is: java.lang.SecurityException: Authentication exceptionjava.rmi.RemoteException: checkSecurityAssociation; nested exception is: java.lang.SecurityException: Authentication exceptionjava.lang.SecurityException: Authentication exception at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(Unknown Source) at sun.rmi.transport.StreamRemoteCall.executeCall(Unknown Source) at sun.rmi.server.UnicastRef.invoke(Unknown Source) at org.jboss.ejb.plugins.jrmp.server.JRMPContainerInvoker_Stub.invokeHome(Unknown Source) at org.jboss.ejb.plugins.jrmp.interfaces.HomeProxy.invoke(HomeProxy.java:248) at $Proxy0.create(Unknown Source) at SessionClient.main(SessionClient.java:78) on the server window : [J2EE Deployer Default] Deploy J2EE application: file:/C:/java/platform/dist/deploy/ssbean.jar[J2EE Deployer Default] Create application ssbean.jar[J2EE Deployer Default] install module ssbean.jar[Container factory] Deploying:file:/C:/java/platform/dist/tmp/deploy/Default/ssbean.jar[Verifier] Verifying file:/C:/java/platform/dist/tmp/deploy/Default/ssbean.jar/ejb1002.jar[Container factory] Deploying StatelessSession[Container factory] lookup securityManager name: java:/jaas/other[Container factory] JAAS.Created securityMgr=org.jboss.security.plugins.JaasSecurityManager@2696c2[Container factory] JAAS.setCachePolicy, c=null[Container factory] JAAS.Added session-roles, org.jboss.security.plugins.JaasSecurityManager@2696c2to map[Container factory] Deploying StatefulSession[Container factory] lookup securityManager name: java:/jaas/other[Container factory] Deployed application: file:/C:/java/platform/dist/tmp/deploy/Default/ssbean.jar[J2EE Deployer Default] J2EE application: file:/C:/java/platform/dist/deploy/ssbean.jar is deployed. [Auto deploy] Started[JMX RMI Adaptor] Starting[JMX RMI Adaptor] Started[JMX RMI Connector] Starting[JMX RMI Connector] Started[Service Control] Started 18 services[Default] JBoss PRE-2.1 Started in 0m:14s[StatelessSession] Authentication exception, principal=null i have looked for a solution in archives, but i can't find one ! is it an error of configuration or classpath error or context error ? any help is welcome. thierry
[JBoss-user] JAAS Based Security in JBoss
hi jboss-users i'm using the last 2.1 version of jboss with embedded tomcat on windows 2000. i read the page of the new manual : http://www.jboss.org/documentation/HTML/ch09s32.html after configuring all files : jboss.jcml, standardjboss.xml, auth.conf, roles.properties and users.properties all the deployment phase is ok. but when i run the SessionClient i have a remote exception : on the client window : Created LoginContext[JAASSecurity] User 'scott' authenticated.Found StatelessSessionHomejava.rmi.ServerException: RemoteException occurred in server thread; nested exception is: java.rmi.RemoteException: checkSecurityAssociation; nested exception is: java.lang.SecurityException: Authentication exceptionjava.rmi.RemoteException: checkSecurityAssociation; nested exception is: java.lang.SecurityException: Authentication exceptionjava.lang.SecurityException: Authentication exception at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(Unknown Source) at sun.rmi.transport.StreamRemoteCall.executeCall(Unknown Source) at sun.rmi.server.UnicastRef.invoke(Unknown Source) at org.jboss.ejb.plugins.jrmp.server.JRMPContainerInvoker_Stub.invokeHome(Unknown Source) at org.jboss.ejb.plugins.jrmp.interfaces.HomeProxy.invoke(HomeProxy.java:248) at $Proxy0.create(Unknown Source) at SessionClient.main(SessionClient.java:78) on the server window : [J2EE Deployer Default] Deploy J2EE application: file:/C:/java/platform/dist/deploy/ssbean.jar[J2EE Deployer Default] Create application ssbean.jar[J2EE Deployer Default] install module ssbean.jar[Container factory] Deploying:file:/C:/java/platform/dist/tmp/deploy/Default/ssbean.jar[Verifier] Verifying file:/C:/java/platform/dist/tmp/deploy/Default/ssbean.jar/ejb1002.jar[Container factory] Deploying StatelessSession[Container factory] lookup securityManager name: java:/jaas/other[Container factory] JAAS.Created securityMgr=org.jboss.security.plugins.JaasSecurityManager@2696c2[Container factory] JAAS.setCachePolicy, c=null[Container factory] JAAS.Added session-roles, org.jboss.security.plugins.JaasSecurityManager@2696c2to map[Container factory] Deploying StatefulSession[Container factory] lookup securityManager name: java:/jaas/other[Container factory] Deployed application: file:/C:/java/platform/dist/tmp/deploy/Default/ssbean.jar[J2EE Deployer Default] J2EE application: file:/C:/java/platform/dist/deploy/ssbean.jar is deployed. [Auto deploy] Started[JMX RMI Adaptor] Starting[JMX RMI Adaptor] Started[JMX RMI Connector] Starting[JMX RMI Connector] Started[Service Control] Started 18 services[Default] JBoss PRE-2.1 Started in 0m:14s[StatelessSession] Authentication exception, principal=null i have looked for a solution in archives, but i can't find one ! is it an error of configuration or classpath error or context error ? any help is welcome. thierry
