Re: [JBoss-user] JAAS Based Security in JBoss
thanks scott, my error is that my both dist/auth.conf and client/auth.conf are the same. they must be different. client should call ClientLoginModule thierry
Re: [JBoss-user] JAAS Based Security in JBoss
If the auth.conf file in your jboss_dist/client directory is as you indicate then that is the problem. That is the auth.conf file for the server and should be in the jboss_dist/conf/default directory. You jboss_dist/client/auth.conf file should be the default one shipped with the distribution which contains: client 780>cat auth.conf srp { // Example client auth.conf for using the SRPLoginModule org.jboss.srp.jaas.SRPLoginModule required password-stacking="useFirstPass" principalClassName="org.jboss.security.SimplePrincipal" srpServerJndiName="SRPServerInterface" debug=true ; // jBoss LoginModule org.jboss.security.ClientLoginModule required password-stacking="useFirstPass" ; // Put your login modules that need jBoss here }; other { // Put your login modules that work without jBoss here // jBoss LoginModule org.jboss.security.ClientLoginModule required; // Put your login modules that need jBoss here }; - Original Message - From: "thierry birre" <[EMAIL PROTECTED]> To: "danch" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Thursday, March 22, 2001 12:44 AM Subject: Re: [JBoss-user] JAAS Based Security in JBoss > hi danch, > > my client/auth.conf on server side is : > simple org.jboss.security.plugins.samples.SimpleServerLoginModule required; > }; > // The default server login module > other {org.jboss.security.plugins.samples.JaasServerLoginModule > required; > }; > session-roles { > org.jboss.security.plugins.samples.JaasServerLoginModule required > password-stacking="useFirstPass"; > org.jboss.security.plugins.samples.RolesLoginModule required; > }; > > yes i have a jboss.xml in my .jar's META-INF > that sets: > java:/jaas/other > and only for the container config that i wil use for this sample : > Standard Stateless SessionBean > > java:/jaas/session-roles > > and i have no old files of older version in my classpath. > all jar files loaded in the classpath came from the dist/lib or dist/lib/ext > where dist={jboss_home} > > and i have no add lines on my standardjboss.xml > false > and no > no > and no > > where is the problem ? > > thierry ___ JBoss-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-user
Re: [JBoss-user] JAAS Based Security in JBoss
hi danch, my client/auth.conf on server side is : simple org.jboss.security.plugins.samples.SimpleServerLoginModule required; }; // The default server login module other {org.jboss.security.plugins.samples.JaasServerLoginModule required; }; session-roles { org.jboss.security.plugins.samples.JaasServerLoginModule required password-stacking="useFirstPass"; org.jboss.security.plugins.samples.RolesLoginModule required; }; yes i have a jboss.xml in my .jar's META-INF that sets: java:/jaas/other and only for the container config that i wil use for this sample : Standard Stateless SessionBean java:/jaas/session-roles and i have no old files of older version in my classpath. all jar files loaded in the classpath came from the dist/lib or dist/lib/ext where dist={jboss_home} and i have no add lines on my standardjboss.xml false and no no and no where is the problem ? thierry - Original Message - From: "danch" <[EMAIL PROTECTED]> To: "Thierry Birre" <[EMAIL PROTECTED]> Sent: Wednesday, March 21, 2001 4:58 PM Subject: Re: [JBoss-user] JAAS Based Security in JBoss > Hmm. This has been working for me for some time (although for the last > week or so it was broken with different simptoms than yours - I don't > know if this was my config or something that happened when the security > was split into a separate module. At any rate CVS from this morning works.) > > This 'null principal' makes me wonder: what does your server-side > auth.conf look like. The stock one from the JBoss build should work. > Do you have a jboss.xml in your jar's META-INF that sets > authentication-module and role-mapping-manager? Are you sure you don't > have older (maybe JBoss 2.0) stuff on your client's classpath? > > Thierry Birre wrote: > > > This message was sent from Geocrawler.com by "Thierry Birre" <[EMAIL PROTECTED]> > > > > yes i'm calling from a stand-alone client and i > > point this client to the good client/auth.conf > > > > java -Djava.security.auth.login.config=file:// > > ${jboss_home}/client/auth.conf SessionClient > > scott echoman > > > > i have exactly follow config instructions of > > the "JAAS Based Security in JBoss Custom Security > > in JBoss Using the JBossSX Framework" page of the > > new manual : > > http://www.jboss.org/documentation/HTML/ch09s32.ht > > ml > > > > but i always have the same error principal=null ? > > > > thanks! > > > > thierry > > > > --- > > I assume that you're calling from a stand-alone > > client? Did you point > > that client at the auth.conf in the > > /client directory, or > > the one in conf/default? The client needs to read > > the auth.conf from the > > client directory in order to Do the Right Thing. > > > > danch > > > > thierry birre wrote: > > > > > >> hi jboss-users > >> > >> > >> > >> i'm using the last 2.1 version of jboss with > > > > embedded tomcat on windows > > > >> 2000. > >> > >> > >> > >> i read the page of the new manual : > >> > >> > > > > http://www.jboss.org/documentation/HTML/ch09s32.ht > > ml > > > >> > >> > >> after configuring all files : > >> > >> jboss.jcml, standardjboss.xml, auth.conf, > > > > roles.properties and > > > >> users.properties > >> > >> all the deployment phase is ok. > >> > >> > >> > >> but when i run the SessionClient i have a > > > > remote exception : > > > >> > >> > >> _on the client window :_ > >> > >> Created LoginContext > >> [JAASSecurity] User 'scott' authenticated. > >> Found StatelessSessionHome > >> java.rmi.ServerException: RemoteException > > > > occurred in server thread; > > > >> nested exception is: > >> java.rmi.RemoteException: > > > > checkSecurityAssociation; nested > > > >> exception is: > >> java.lang.SecurityException: > > > > Authentication exception > > > >> java.rmi.RemoteException: > > > > checkSecurityAssociation; nested exception is: > > > >> java.lang.SecurityException: > > > > Authentication exception > > > >> java.lang.SecurityException: Authentication > > > > exception > > > >>
RE: [JBoss-user] JAAS Based Security in JBoss
Title: RE: [JBoss-user] JAAS Based Security in JBoss Your client should always use /client/auth.conf, the other one is to configure the SecurityManager Container. Again if you run Tomcat in standalone everything works fine. standardjboss.xml -- Standard Stateless SessionBean java:/jaas/other ... conf/default/auth.conf === other { org.jboss.security.plugins.samples.JaasServerLoginModule required; } -Original Message- From: danch [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 21, 2001 8:24 AM To: [EMAIL PROTECTED] Subject: Re: [JBoss-user] JAAS Based Security in JBoss I assume that you're calling from a stand-alone client? Did you point that client at the auth.conf in the /client directory, or the one in conf/default? The client needs to read the auth.conf from the client directory in order to Do the Right Thing. danch thierry birre wrote: > hi jboss-users > > > > i'm using the last 2.1 version of jboss with embedded tomcat on windows > 2000. > > > > i read the page of the new manual : > > http://www.jboss.org/documentation/HTML/ch09s32.html > > > > after configuring all files : > > jboss.jcml, standardjboss.xml, auth.conf, roles.properties and > users.properties > > all the deployment phase is ok. > > > > but when i run the SessionClient i have a remote exception : > > > > _on the client window :_ > > Created LoginContext > [JAASSecurity] User 'scott' authenticated. > Found StatelessSessionHome > java.rmi.ServerException: RemoteException occurred in server thread; > nested exception is: > java.rmi.RemoteException: checkSecurityAssociation; nested > exception is: > java.lang.SecurityException: Authentication exception > java.rmi.RemoteException: checkSecurityAssociation; nested exception is: > java.lang.SecurityException: Authentication exception > java.lang.SecurityException: Authentication exception > at > sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(Unknown > Source) > at sun.rmi.transport.StreamRemoteCall.executeCall(Unknown Source) > at sun.rmi.server.UnicastRef.invoke(Unknown Source) > at > org.jboss.ejb.plugins.jrmp.server.JRMPContainerInvoker_Stub.invokeHome(Unknown > Source) > at > org.jboss.ejb.plugins.jrmp.interfaces.HomeProxy.invoke(HomeProxy.java:248) > at $Proxy0.create(Unknown Source) > at SessionClient.main(SessionClient.java:78) > > > > _on the server window :_ > > [J2EE Deployer Default] Deploy J2EE application: > file:/C:/java/platform/dist/deploy/ssbean.jar > [J2EE Deployer Default] Create application ssbean.jar > [J2EE Deployer Default] install module ssbean.jar > [Container factory] > Deploying:file:/C:/java/platform/dist/tmp/deploy/Default/ssbean.jar > [Verifier] Verifying > file:/C:/java/platform/dist/tmp/deploy/Default/ssbean.jar/ejb1002.jar > [Container factory] Deploying StatelessSession > [Container factory] lookup securityManager name: java:/jaas/other > [Container factory] JAAS.Created > securityMgr=org.jboss.security.plugins.JaasSecurityManager@2696c2 > [Container factory] JAAS.setCachePolicy, c=null > [Container factory] JAAS.Added session-roles, > org.jboss.security.plugins.JaasSecurityManager@2696c2 > to map > [Container factory] Deploying StatefulSession > [Container factory] lookup securityManager name: java:/jaas/other > [Container factory] Deployed application: > file:/C:/java/platform/dist/tmp/deploy/Default/ssbean.jar > [J2EE Deployer Default] J2EE application: > file:/C:/java/platform/dist/deploy/ssbean.jar is deployed. > > > > [Auto deploy] Started > [JMX RMI Adaptor] Starting > [JMX RMI Adaptor] Started > [JMX RMI Connector] Starting > [JMX RMI Connector] Started > [Service Control] Started 18 services > [Default] JBoss PRE-2.1 Started in 0m:14s > [StatelessSession] Authentication exception, principal=null > > > > i have looked for a solution in archives, but i can't find one ! > > > > is it an error of configuration or classpath error or context error ? > > > > any help is welcome. > > > > thierry ___ JBoss-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-user
Re: [JBoss-user] JAAS Based Security in JBoss
I assume that you're calling from a stand-alone client? Did you point that client at the auth.conf in the /client directory, or the one in conf/default? The client needs to read the auth.conf from the client directory in order to Do the Right Thing. danch thierry birre wrote: > hi jboss-users > > > > i'm using the last 2.1 version of jboss with embedded tomcat on windows > 2000. > > > > i read the page of the new manual : > > http://www.jboss.org/documentation/HTML/ch09s32.html > > > > after configuring all files : > > jboss.jcml, standardjboss.xml, auth.conf, roles.properties and > users.properties > > all the deployment phase is ok. > > > > but when i run the SessionClient i have a remote exception : > > > > _on the client window :_ > > Created LoginContext > [JAASSecurity] User 'scott' authenticated. > Found StatelessSessionHome > java.rmi.ServerException: RemoteException occurred in server thread; > nested exception is: > java.rmi.RemoteException: checkSecurityAssociation; nested > exception is: > java.lang.SecurityException: Authentication exception > java.rmi.RemoteException: checkSecurityAssociation; nested exception is: > java.lang.SecurityException: Authentication exception > java.lang.SecurityException: Authentication exception > at > sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(Unknown > Source) > at sun.rmi.transport.StreamRemoteCall.executeCall(Unknown Source) > at sun.rmi.server.UnicastRef.invoke(Unknown Source) > at > org.jboss.ejb.plugins.jrmp.server.JRMPContainerInvoker_Stub.invokeHome(Unknown > Source) > at > org.jboss.ejb.plugins.jrmp.interfaces.HomeProxy.invoke(HomeProxy.java:248) > at $Proxy0.create(Unknown Source) > at SessionClient.main(SessionClient.java:78) > > > > _on the server window :_ > > [J2EE Deployer Default] Deploy J2EE application: > file:/C:/java/platform/dist/deploy/ssbean.jar > [J2EE Deployer Default] Create application ssbean.jar > [J2EE Deployer Default] install module ssbean.jar > [Container factory] > Deploying:file:/C:/java/platform/dist/tmp/deploy/Default/ssbean.jar > [Verifier] Verifying > file:/C:/java/platform/dist/tmp/deploy/Default/ssbean.jar/ejb1002.jar > [Container factory] Deploying StatelessSession > [Container factory] lookup securityManager name: java:/jaas/other > [Container factory] JAAS.Created > securityMgr=org.jboss.security.plugins.JaasSecurityManager@2696c2 > [Container factory] JAAS.setCachePolicy, c=null > [Container factory] JAAS.Added session-roles, > org.jboss.security.plugins.JaasSecurityManager@2696c2 > to map > [Container factory] Deploying StatefulSession > [Container factory] lookup securityManager name: java:/jaas/other > [Container factory] Deployed application: > file:/C:/java/platform/dist/tmp/deploy/Default/ssbean.jar > [J2EE Deployer Default] J2EE application: > file:/C:/java/platform/dist/deploy/ssbean.jar is deployed. > > > > [Auto deploy] Started > [JMX RMI Adaptor] Starting > [JMX RMI Adaptor] Started > [JMX RMI Connector] Starting > [JMX RMI Connector] Started > [Service Control] Started 18 services > [Default] JBoss PRE-2.1 Started in 0m:14s > [StatelessSession] Authentication exception, principal=null > > > > i have looked for a solution in archives, but i can't find one ! > > > > is it an error of configuration or classpath error or context error ? > > > > any help is welcome. > > > > thierry ___ JBoss-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-user
RE: [JBoss-user] JAAS Based Security in JBoss
I had the same problem with Tomcat embeded in Jboss 2.1, authentication works but authorization fails with jaas/other configuration. However if you run Tomcat as a separate process it works fine. -Original Message-From: thierry birre [mailto:[EMAIL PROTECTED]]Sent: Wednesday, March 21, 2001 4:28 AMTo: [EMAIL PROTECTED]Subject: [JBoss-user] JAAS Based Security in JBoss hi jboss-users i'm using the last 2.1 version of jboss with embedded tomcat on windows 2000. i read the page of the new manual : http://www.jboss.org/documentation/HTML/ch09s32.html after configuring all files : jboss.jcml, standardjboss.xml, auth.conf, roles.properties and users.properties all the deployment phase is ok. but when i run the SessionClient i have a remote exception : on the client window : Created LoginContext[JAASSecurity] User 'scott' authenticated.Found StatelessSessionHomejava.rmi.ServerException: RemoteException occurred in server thread; nested exception is: java.rmi.RemoteException: checkSecurityAssociation; nested exception is: java.lang.SecurityException: Authentication exceptionjava.rmi.RemoteException: checkSecurityAssociation; nested exception is: java.lang.SecurityException: Authentication exceptionjava.lang.SecurityException: Authentication exception at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(Unknown Source) at sun.rmi.transport.StreamRemoteCall.executeCall(Unknown Source) at sun.rmi.server.UnicastRef.invoke(Unknown Source) at org.jboss.ejb.plugins.jrmp.server.JRMPContainerInvoker_Stub.invokeHome(Unknown Source) at org.jboss.ejb.plugins.jrmp.interfaces.HomeProxy.invoke(HomeProxy.java:248) at $Proxy0.create(Unknown Source) at SessionClient.main(SessionClient.java:78) on the server window : [J2EE Deployer Default] Deploy J2EE application: file:/C:/java/platform/dist/deploy/ssbean.jar[J2EE Deployer Default] Create application ssbean.jar[J2EE Deployer Default] install module ssbean.jar[Container factory] Deploying:file:/C:/java/platform/dist/tmp/deploy/Default/ssbean.jar[Verifier] Verifying file:/C:/java/platform/dist/tmp/deploy/Default/ssbean.jar/ejb1002.jar[Container factory] Deploying StatelessSession[Container factory] lookup securityManager name: java:/jaas/other[Container factory] JAAS.Created securityMgr=org.jboss.security.plugins.JaasSecurityManager@2696c2[Container factory] JAAS.setCachePolicy, c=null[Container factory] JAAS.Added session-roles, org.jboss.security.plugins.JaasSecurityManager@2696c2to map[Container factory] Deploying StatefulSession[Container factory] lookup securityManager name: java:/jaas/other[Container factory] Deployed application: file:/C:/java/platform/dist/tmp/deploy/Default/ssbean.jar[J2EE Deployer Default] J2EE application: file:/C:/java/platform/dist/deploy/ssbean.jar is deployed. [Auto deploy] Started[JMX RMI Adaptor] Starting[JMX RMI Adaptor] Started[JMX RMI Connector] Starting[JMX RMI Connector] Started[Service Control] Started 18 services[Default] JBoss PRE-2.1 Started in 0m:14s[StatelessSession] Authentication exception, principal=null i have looked for a solution in archives, but i can't find one ! is it an error of configuration or classpath error or context error ? any help is welcome. thierry