Re: [JBoss-user] JAAS Problem (login in same VM)

2003-11-24 Thread Scott M Stark 
If the session is not secured then what exception are you getting in
the absence of the JAAS login? Show the stack traces that are occurring.
--

Scott Stark
Chief Technology Officer
JBoss Group, LLC

Meyer-Willner, Bernhard wrote:

Hi,

this is the setup (please don't comment on design issues, the design is
screwed, I know;): The ejb-jar with the session bean in question is not
secured, i.e. jboss.xml doesn't include a security-domain tag. The session
bean calls a class (same VM), which in turn calls this session bean again.
In order to be able to acquire the interface (call create()) we need to do a
JAAS login. If we don't, we get an exception.
I don't understand why the JAAS login is necessary, as the ejb-jar with the
session bean is not secured with a security-domain tag. Also this in-VM
login seems to cause problems later on, resulting in LoginExceptions
(javax.security...).
Please help anybody, cause I'm at a total loss.

Regards,
Bernie


---
This SF.net email is sponsored by: SF.net Giveback Program.
Does SourceForge.net help you be more productive?  Does it
help you create better code?  SHARE THE LOVE, and help us help
YOU!  Click Here: http://sourceforge.net/donate/
___
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

Re: [JBoss-user] JAAS problem

2003-08-25 Thread Adrian Brock 
Hi,

Your actual error is caused by the login module trying
to access the default initial context (you don't have one).

It wont be able to access the java:/ namespace anyway (this
is only available inside the same virtual machine
using naming properties that don't specify a providerurl).

The connection pool is not a remote object.

Regards,
Adrian

On Sun, 2003-08-24 at 19:13, Maiquel Sampaio de Melo wrote:
> Hi all,
> Hi trying to run a test client with jaas. I'm
> using mySQL and DatabaseServerLoginModule. Can anybody
> help me?
> This is my code:
> 
> package br.ufc.npd.votacao.client;
> 
> import java.util.ArrayList;
> import java.util.Properties;
> 
> import javax.naming.Context;
> import javax.naming.InitialContext;
> import javax.rmi.PortableRemoteObject;
> import javax.security.auth.callback.CallbackHandler;
> import javax.security.auth.login.LoginContext;
> import javax.security.auth.login.LoginException;
> 
> import
> br.ufc.npd.votacao.interfaces.NPDCallbackHandler;
> import
> br.ufc.npd.votacao.interfaces.UnidVotacaoServicosHome;
> import
> br.ufc.npd.votacao.interfaces.UnidVotacaoServicos;
> 
> public class TesteUnidade
> {
>   public static void main(String[] args)
>   {
> try
> {
>   System.out.println("Run Test-Client...");
> 
>   Properties p = new Properties();
>  
> p.setProperty("java.naming.factory.initial","org.jnp.interfaces.NamingContextFactory");
>  
> p.setProperty("java.naming.provider.url","jnp://localhost:1100");
>  
> p.setProperty("java.naming.factory.url.pkgs","org.jboss.naming:org.jnp.interfaces");
>  
> p.setProperty("jnp.socketFactory","org.jnp.interfaces.TimedSocketFactory");
> /*
>   p.put(Context.INITIAL_CONTEXT_FACTORY,
> "org.jnp.interfaces.NamingContextFactory");
>  
> p.put(Context.URL_PKG_PREFIXES,"jboss.naming:org.jnp.interfaces");
>   p.put(Context.PROVIDER_URL,"localhost:1100");
> */  
>   InitialContext ctx = new InitialContext(p);
> 
> 
>   Object ref =
> ctx.lookup(UnidVotacaoServicosHome.JNDI_NAME);
>   UnidVotacaoServicosHome ejbHome =
> (UnidVotacaoServicosHome)PortableRemoteObject.narrow(ref,
> UnidVotacaoServicosHome.class);
> 
>   // create the session-bean
>   UnidVotacaoServicos ejbObj = ejbHome.create();
> 
>   testMethod(ejbHome, ejbObj);   // call your
> test-method
> 
>   // remove the session-bean
>   ejbObj.remove();
>   System.out.println("Test-Client finished without
> errors.");
> }
> catch(Exception ex)
> {
>   ex.printStackTrace();
> }
>   }
> 
>  
> /***
>*  +++ Private Helper-Methods
> +++
>   
> **/
> 
>   /**
>* this is your test-method
>*/
>   private static void
> testMethod(UnidVotacaoServicosHome ejbHome,
> UnidVotacaoServicos ejbObj) throws Exception
>   {
> // now you can call the business-methods of the
> ejb
> // Example:
> // ejbHome.y();  -> method from the
> Home-Interface
> // ejbObj.x();   -> method from the
> Remote-Interface
> String login = "maiquel";
> String senha = "1234563";
> char[] password;
> password = senha.toCharArray();
> 
>  try
>   {
>  NPDCallbackHandler handler = new
> NPDCallbackHandler(login, password);
>  LoginContext lc = new LoginContext("votacao",
> handler);
>  System.out.println("Created LoginContext");
>  lc.login();
>   }
>   catch (LoginException le)
>   {
>  System.out.println("Login failed");
>  le.printStackTrace();
>   }
> 
>   try
>   {
>  ArrayList lista = ejbObj.listarUnidades();
>  System.out.println("Nr. de Unidades: "+
> lista.size());
>  ejbObj.remove();
>   }
>   catch (Exception e)
>   {
>  e.printStackTrace();
>   }
>   }
> 
> }
> 
> This is my auth.conf:
> votacao {
> /* A JDBC based LoginModule
> LoginModule options:
> dsJndiName: The name of the DataSource of the database
> containing the Principals, Roles tables
> principalsQuery: The prepared statement query
> equivalent to:
> "select Password from Principals where
> PrincipalID=?"
> rolesQuery: The prepared statement query equivalent
> to:
> "select Role, RoleGroup from Roles where
> PrincipalID=?"
> */
>
> org.jboss.security.auth.spi.DatabaseServerLoginModule
> required
> dsJndiName="java:/MysqlVotacaoDS"
> principalsQuery="select Password from Principals
> where PrincipalID=?"
> rolesQuery="select Role, RoleGroup from Roles
> where PrincipalID=?"
> unauthenticatedIdentity=nobody
> ;
> };
> 
> This is my program result:
> Run Test-Client...
> Created LoginContext
> Login failed
> javax.security.auth.login.LoginException:
> javax.naming.NoInitialContextException: Need to
> specify class name in environment or system property,
> or a

Re: [JBoss-user] JAAS - Problem with Ldap Realm

2002-11-07 Thread Scott M Stark 



Check the log to see what security domain the war 
is being deployed with and
then check the security/web unit tests in the 
testsuite module as they
demonstrate this stuff.
 
Scott StarkChief Technology 
OfficerJBoss Group, LLC

  - Original Message - 
  From: 
  Keene 
  Hammond 
  To: [EMAIL PROTECTED] 
  
  Sent: Thursday, November 07, 2002 1:37 
  PM
  Subject: Re: [JBoss-user] JAAS - Problem 
  with Ldap Realm
  Ok,  I am really just using the application.xml, the 
  jboss-web.xml and the web.xml (which are in the WEB-INF directory of a war 
  file in a ear file) to protect some servlets and jsps right now. here are 
  the relevant snippets here; 
  jboss-web.xml 
  java:/jaas/ldap 
  web.xml 
        
   
   
  Restricted 
   
  security 
   
  /secure/* 
   
  HEAD 
   
  GET 
   
  POST 
   
  PUT 
   
  DELETE 
     
     
   
  user_admin 
     
     
   no 
  description 
   
  NONE 
     
      
        
  user admin 
    
  user_admin    
   
  application.xml 
         
   
  mywarfile.war 
   
  /   
       
  OS: XPsp1 JDK: 1.4.1_01 JBoss: 3.0.4 
  And at the risk of being redundant, I swear this works with JBoss 2.4.x. 
  BTW Thanks... -Keene  

Re: [JBoss-user] JAAS - Problem with Ldap Realm

2002-11-07 Thread Keene Hammond 



Ok,  I am really just using the application.xml, the jboss-web.xml
and the web.xml (which are in the WEB-INF directory of a war file in a
ear file) to protect some servlets and jsps right now.
here are the relevant snippets here;
jboss-web.xml
java:/jaas/ldap
web.xml
   
  
 Restricted
 security
 /secure/*
 HEAD
 GET
 POST
 PUT
 DELETE
  
  
 user_admin
  
  
 no
description
 NONE
  
   
   
  user admin
  user_admin
   
application.xml
   
  
 mywarfile.war
 /
  
   
OS: XPsp1
JDK: 1.4.1_01
JBoss: 3.0.4
And at the risk of being redundant, I swear this works with JBoss 2.4.x.
BTW Thanks...
-Keene
 
Scott M Stark wrote:

Then
the problem is not the login-config.xml file. The fact that there is no
entryin JNDI simply means that no component has been deployed with the
"ldap"as its security-domain (java:/jaas/ldap). So what component has set
this upand how? 
Scott Stark
Chief Technology Officer
JBoss Group, LLC


- Original Message -

From:Keene
Hammond

To: [EMAIL PROTECTED]
; [EMAIL PROTECTED]

Sent: Thursday, November 07, 2002
10:34 AM

Subject: Re: [JBoss-user] JAAS - Problem
with Ldap Realm
 Scott,
Thanks, I have tried what you suggested, here are the results. (No
success, yet). It is indeed pointing the the correct file (which I have
attached) and below is also a snippet from the jmx-console.
2002-11-07 13:25:32,135 INFO  [org.jboss.security.plugins.SecurityConfig]
Starting
2002-11-07 13:25:32,135 DEBUG [org.jboss.security.plugins.SecurityConfig]
Installed JAAS Configuration service=jboss.security:service=XMLLoginConfig,
config=org.jboss.security.auth.login.XMLLoginConfig@16f144c
2002-11-07 13:25:32,135 INFO  [org.jboss.security.plugins.SecurityConfig]
Started
2002-11-07 13:25:32,135 DEBUG [org.jboss.security.auth.login.XMLLoginConfig]
Loading xmlConfig=file:/C:/opt/jboss-3.0.4/server/wtg/conf/login-config.xml
2002-11-07 13:25:32,195 INFO  [org.jboss.security.plugins.JaasSecurityManagerService]
Starting
2002-11-07 13:25:32,205 DEBUG [org.jboss.security.plugins.JaasSecurityManagerService]
securityMgrCtxPath=java:/jaas
2002-11-07 13:25:32,215 DEBUG [org.jboss.security.plugins.JaasSecurityManagerService]
cachePolicyCtxPath=java:/timedCacheFactory
2002-11-07 13:25:32,225 DEBUG [org.jboss.security.plugins.JaasSecurityManagerService]
SecurityProxyFactory=org.jboss.security.SubjectSecurityProxyFactory@9934d4
2002-11-07 13:25:32,225 INFO  [org.jboss.security.plugins.JaasSecurityManagerService]
Started
2002-11-07 13:25:32,225 DEBUG [org.jboss.system.ServiceController]
Starting dependent components: [ObjectName: jboss:service=TransactionManager
 state: CREATED
 I Depend On:   jboss:service=XidFactory
 Depends On Me: ]
Here is the view from the jmx-console
...
java: Namespace
   +- jaas (class: javax.naming.Context)
   |   +- other (class: org.jboss.security.plugins.SecurityDomainContext)
   |   +- JmsXARealm (class: org.jboss.security.plugins.SecurityDomainContext)
   |   +- jbossmq (class: org.jboss.security.plugins.SecurityDomainContext)
   |   +- http-invoker (class: org.jboss.security.plugins.SecurityDomainContext)
...
Well what do you think???
-Keene

Re: [JBoss-user] JAAS - Problem with Ldap Realm

2002-11-07 Thread Scott M Stark 



Then the problem is not the login-config.xml file. 
The fact that there is no entry
in JNDI simply means that no component has been 
deployed with the "ldap"
as its security-domain (java:/jaas/ldap). So what 
component has set this up
and how?
 
Scott StarkChief Technology 
OfficerJBoss Group, LLC

  - Original Message - 
  From: 
  Keene 
  Hammond 
  To: [EMAIL PROTECTED] 
  ; [EMAIL PROTECTED] 
  Sent: Thursday, November 07, 2002 10:34 
  AM
  Subject: Re: [JBoss-user] JAAS - Problem 
  with Ldap Realm
  Scott, Thanks, I have tried 
  what you suggested, here are the results. (No success, yet). It is indeed 
  pointing the the correct file (which I have attached) and below is also a 
  snippet from the jmx-console. 
  2002-11-07 13:25:32,135 INFO  
  [org.jboss.security.plugins.SecurityConfig] Starting 2002-11-07 
  13:25:32,135 DEBUG [org.jboss.security.plugins.SecurityConfig] Installed JAAS 
  Configuration service=jboss.security:service=XMLLoginConfig, 
  config=org.jboss.security.auth.login.XMLLoginConfig@16f144c 2002-11-07 
  13:25:32,135 INFO  [org.jboss.security.plugins.SecurityConfig] Started 
  2002-11-07 13:25:32,135 DEBUG 
  [org.jboss.security.auth.login.XMLLoginConfig] Loading xmlConfig=file:/C:/opt/jboss-3.0.4/server/wtg/conf/login-config.xml 
  2002-11-07 13:25:32,195 INFO  
  [org.jboss.security.plugins.JaasSecurityManagerService] Starting 
  2002-11-07 13:25:32,205 DEBUG 
  [org.jboss.security.plugins.JaasSecurityManagerService] 
  securityMgrCtxPath=java:/jaas 2002-11-07 13:25:32,215 DEBUG 
  [org.jboss.security.plugins.JaasSecurityManagerService] 
  cachePolicyCtxPath=java:/timedCacheFactory 2002-11-07 13:25:32,225 DEBUG 
  [org.jboss.security.plugins.JaasSecurityManagerService] 
  SecurityProxyFactory=org.jboss.security.SubjectSecurityProxyFactory@9934d4 
  2002-11-07 13:25:32,225 INFO  
  [org.jboss.security.plugins.JaasSecurityManagerService] Started 2002-11-07 
  13:25:32,225 DEBUG [org.jboss.system.ServiceController] Starting dependent 
  components: [ObjectName: jboss:service=TransactionManager  state: 
  CREATED  I Depend On:   jboss:service=XidFactory 
   Depends On Me: ] 
  Here is the view from the jmx-console ... java: Namespace 
     +- jaas (class: javax.naming.Context)    
  |   +- other (class: 
  org.jboss.security.plugins.SecurityDomainContext)    
  |   +- JmsXARealm (class: 
  org.jboss.security.plugins.SecurityDomainContext)    
  |   +- jbossmq (class: 
  org.jboss.security.plugins.SecurityDomainContext)    
  |   +- http-invoker (class: 
  org.jboss.security.plugins.SecurityDomainContext) ... 
  Well what do you think??? -Keene

Re: [JBoss-user] JAAS - Problem with Ldap Realm

2002-11-07 Thread Keene Hammond 
07, 2002 5:45 AM
Subject: Re: [JBoss-user] JAAS - Problem with Ldap Realm
> I am using a renamed copy of the "all" server. But I even tried changing
every single
> login-config.xml on my system.
> This was working fine on my 2.x flavor with the auth.conf...
> Any ideas? anyone?
>
> OS: XPsp1
> JAVA: 1.4.1_01
> JBoss: 3.0.4
>
> -Keene
>
---
This sf.net email is sponsored by: See the NEW Palm
Tungsten T handheld. Power & Color in a compact size!
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en
___
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user


http://www.jboss.org/j2ee/dtd/security_config.dtd";>






   
  
  
   




   
  
 guest
	 jboss.mq:service=StateManager
  
   




   
  
 sa
 sa
 
 jboss.jca:service=LocalTxCM,name=hsqldbDS
  
   



   
  
 sysdba
 sysdba
 masterkey
 jboss.jca:service=XaTxCM,name=FirebirdDS
  
   



   
  
 guest
 guest
 guest
 jboss.jca:service=XaTxCM,name=jmsra
  
   




   
  
   




   
   
  
   



	 	
	 		
	 			
	 com.sun.jndi.ldap.LdapCtxFactory
	 simple
	 uid=
	 ,ou=People, o=Paychex Inc, c=US
	 uniqueMember
	 cn
	 ou=Groups,o=Paychex Inc,c=US
	 true
	 nobody
	 ldap://akhammon.paychex.com:389/

Re: [JBoss-user] JAAS - Problem with Ldap Realm

2002-11-07 Thread Scott M Stark 
Show the output of the first part of the startup of the server to show which
config directory is being used, for example:

 8:07:20.05>pwd
/usr/JBoss3.0/jboss-all/build/output/jboss-3.0.5RC1/bin
 8:07:38.71>run
===
.
  JBoss Bootstrap Environment
.
  JBOSS_HOME: C:\usr\JBoss3.0\jboss-all\build\output\jboss-3.0.5RC1\bin\\..
.
  JAVA: /usr/local/Java/jdk1.3.1_05\bin\java
.
  JAVA_OPTS:  -Dprogram.name=run.bat
.
  CLASSPATH: ;/usr/local/Java/jdk1.3.1_05\lib\tools.jar;C:\usr\JBoss3.0\jboss-al
l\build\output\jboss-3.0.5RC1\bin\\run.jar
.
===
.
08:07:42,452 INFO  [Server] JBoss Release: JBoss-3.0.4RC1 CVSTag=Branch_3_0
08:07:42,472 INFO  [Server] Home Dir: C:\usr\JBoss3.0\jboss-all\build\output\jbo
ss-3.0.5RC1
08:07:42,472 INFO  [Server] Home URL: file:/C:/usr/JBoss3.0/jboss-all/build/outp
ut/jboss-3.0.5RC1/
08:07:42,472 INFO  [Server] Library URL: file:/C:/usr/JBoss3.0/jboss-all/build/o
utput/jboss-3.0.5RC1/lib/
08:07:42,472 INFO  [Server] Patch URL: null
08:07:42,472 INFO  [Server] Server Name: default
08:07:42,472 INFO  [Server] Server Home Dir: C:\usr\JBoss3.0\jboss-all\build\out
put\jboss-3.0.5RC1\server\default
08:07:42,472 INFO  [Server] Server Home URL: file:/C:/usr/JBoss3.0/jboss-all/bui
ld/output/jboss-3.0.5RC1/server/default/
08:07:42,472 INFO  [Server] Server Data Dir: C:\usr\JBoss3.0\jboss-all\build\out
put\jboss-3.0.5RC1\server\default\db
08:07:42,472 INFO  [Server] Server Temp Dir: C:\usr\JBoss3.0\jboss-all\build\out
put\jboss-3.0.5RC1\server\default\tmp
08:07:42,482 INFO  [Server] Server Config URL: file:/C:/usr/JBoss3.0/jboss-all/b
uild/output/jboss-3.0.5RC1/server/default/conf/
08:07:42,482 INFO  [Server] Server Library URL: file:/C:/usr/JBoss3.0/jboss-all/
build/output/jboss-3.0.5RC1/server/default/lib/
08:07:42,482 INFO  [Server] Root Deployemnt Filename: jboss-service.xml
08:07:42,482 INFO  [Server] Starting General Purpose Architecture (GPA)...
08:07:42,742 INFO  [ServerInfo] Java version: 1.3.1_05,Sun Microsystems Inc.
08:07:42,752 INFO  [ServerInfo] Java VM: Java HotSpot(TM) Client VM 1.3.1_05-b02,Sun 
Microsystems Inc.

Prior to this, edit the conf/log4j.xml for the configuration you are using and either
remove the Threshold attribute of the FILE appender or change it to DEBUG:

  



...

Then look to the log/server.log file  and look for the following XMLLoginConfig which
tells you which configuration was loaded:

2002-11-07 08:16:07,168 DEBUG [org.jboss.security.auth.login.XMLLoginConfig] Loading
xmlConfig=file:/C:/usr/JBoss3.0/jboss-all/build/output/jboss-3.0.5RC1/server/default/conf/login-config.xml


Scott Stark
Chief Technology Officer
JBoss Group, LLC


- Original Message -
From: "Keene Hammond" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, November 07, 2002 5:45 AM
Subject: Re: [JBoss-user] JAAS - Problem with Ldap Realm


> I am using a renamed copy of the "all" server. But I even tried changing every single
> login-config.xml on my system.
> This was working fine on my 2.x flavor with the auth.conf...
> Any ideas? anyone?
>
> OS: XPsp1
> JAVA: 1.4.1_01
> JBoss: 3.0.4
>
> -Keene
>



---
This sf.net email is sponsored by: See the NEW Palm 
Tungsten T handheld. Power & Color in a compact size!
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en
___
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

Re: [JBoss-user] JAAS - Problem with Ldap Realm

2002-11-07 Thread Keene Hammond 
I am using a renamed copy of the "all" server. But I even tried changing every single
login-config.xml on my system.
This was working fine on my 2.x flavor with the auth.conf...
Any ideas? anyone?

OS: XPsp1
JAVA: 1.4.1_01
JBoss: 3.0.4

-Keene

otisg wrote:

> Make sure you are changing the right
> login-config.xml (all or default or minimal).
> One way to do that is to rename all other
> setups that you are not using.
> I am using 'default', so I renamed all the
> rest, just to make sure nothing from there
> is getting loaded, since it is not very
> clear from run.sh which one is being called.
>
> drwxrwxrwx5 otis otis 4096
> Nov  2 20:55 all.orig
> drwxrwxrwx8 otis otis 4096
> Nov  4 16:47 default
> drwxrwxrwx5 otis otis 4096
> Nov  2 20:56 minimal.orig
>
> Otis
>
>  On Wed, 06 Nov 2002, Keene Hammond
> ([EMAIL PROTECTED]) wrote:
>
> > I removed all of the realms from the
> login-config.xml except the LdapLogin Module and
> > still all default realms are loaded and my
> ldap realm is nowhere to be found.
> > I am unable to change the default realms,
> was this working on any previous 3.x jboss?
> > I was ok when using the auth.conf file in
> Jboss 2.4.3... But it does not workin JBoss
> > 3.0.3 either.
> > I see one other person is having a similar
> problem today. Anyone else? Any ideas?
> > -Keene
> >
> > Keene Hammond wrote:
> >
> > > Hi,
> > > I am unable to create a new security
> realm using the LdapLoginModule. I
> > > would appreciate some help configuring a
> new realm to point to a LDAP
> > > directory server.
> > >
> > > OS: XP pro SP1
> > > JDK: 1.4.1_01
> > > JBoss: 3.0.3
> > >
> > > snippet from login-config.xml
> > >
> > > 
> > >
> > >   
> > >   > >
> "org.jboss.security.auth.spi.LdapLoginModule"
> flag = "required">
> > >  > >
> name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory
> > >
> > >  > >
> name="java.naming.security.authentication">simple
> > >  name="principleDNPrefix">uid=
> > >
> > >  name="principleDNSuffix">,ou=People,
> > > o=Paychex Inc, c=US
> > >  > >
> name="uidAttributeID">uniqueMember
> > >  name="roleAttributeID">cn
> > >  name="rolesCtxDN">ou=Groups,o=Paychex
> > > Inc,c=US
> > >  name="matchOnUserDN">true
> > >  > >
> name="unauthenticatedIdentity">nobody
> > >  > >
> name="java.naming.provider.url">ldap://testldap.paychex.com:389/
> > >
> > >  
> > >   
> > >
> > >
> > > This is what I get:
> > > ...
> > > java: Namespace
> > >
> > >+- jaas (class: javax.naming.Context)
> > >|   +- other (class:
> > >
> org.jboss.security.plugins.SecurityDomainContext)
> > >|   +- JmsXARealm (class:
> > >
> org.jboss.security.plugins.SecurityDomainContext)
> > >|   +- jbossmq (class:
> > >
> org.jboss.security.plugins.SecurityDomainContext)
> > >|   +- http-invoker (class:
> > >
> org.jboss.security.plugins.SecurityDomainContext)
> > >+- wtgDS (class:
> > >
> org.jboss.resource.adapter.jdbc.local.LocalDataSource)
> > > ...
> > >
> > > I have also tried to use the old
> auth.conf as well without success.
> > > Does anyone know what I am doing wrong?
> > > -Keene
> > >
> > >
> ---
> > > This sf.net email is sponsored by: See
> the NEW Palm
> > > Tungsten T handheld. Power & Color in a
> compact size!
> > >
> http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en
> > >
> ___
> > > JBoss-user mailing list
> > > [EMAIL PROTECTED]
> > >
> https://lists.sourceforge.net/lists/listinfo/jboss-user
> >
> >
> >
> >
> ---
> > This sf.net email is sponsored by: See the
> NEW Palm
> > Tungsten T handheld. Power & Color in a
> compact size!
> >
> http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en
> >
> ___
> > JBoss-user mailing list
> > [EMAIL PROTECTED]
> >
> https://lists.sourceforge.net/lists/listinfo/jboss-user
> >
> >
>
> 
> Get your own "800" number
> Voicemail, fax, email, and a lot more
> http://www.ureach.com/reg/tag
>
> ---
> This sf.net email is sponsored by: See the NEW Palm
> Tungsten T handheld. Power & Color in a compact size!
> http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en
> ___
> JBoss-user mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/jboss-user



---
This sf.net email is sponsored by: See the NEW Palm 
Tungsten T handheld. Power & Color in a compact size!
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en
___
JBoss-user mailing list
[EMAIL PROTECTED]

Re: [JBoss-user] JAAS - Problem with Ldap Realm

2002-11-06 Thread Jon Brisbin 

I have also had a lot of trouble using the LdapLoginModule
successfully.  I finally decided to roll my own implementation because
I couldn't hardly read the code from the source distro ;-)

I also had a problem with the method by which the searches were being
performed, specifically, that my roles weren't being returned from
Domino LDAP using the method of searching currently in the source.  I
changed it to use SearchControls and all is well.

Jon Brisbin


--- Keene Hammond <[EMAIL PROTECTED]> wrote:
> I removed all of the realms from the login-config.xml except the
> LdapLogin Module and
> still all default realms are loaded and my ldap realm is nowhere to
> be found.
> I am unable to change the default realms, was this working on any
> previous 3.x jboss?
> I was ok when using the auth.conf file in Jboss 2.4.3... But it does
> not workin JBoss
> 3.0.3 either.
> I see one other person is having a similar problem today. Anyone
> else? Any ideas?
> -Keene
> 
> Keene Hammond wrote:
> 
> > Hi,
> > I am unable to create a new security realm using the
> LdapLoginModule. I
> > would appreciate some help configuring a new realm to point to a
> LDAP
> > directory server.
> >
> > OS: XP pro SP1
> > JDK: 1.4.1_01
> > JBoss: 3.0.3
> >
> > snippet from login-config.xml
> >
> > 
> >
> >   
> >   > "org.jboss.security.auth.spi.LdapLoginModule" flag = "required">
> >  >
>
name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory
> >
> >  > name="java.naming.security.authentication">simple
> >  name="principleDNPrefix">uid=
> >
> > ,ou=People,
> > o=Paychex Inc, c=US
> >  > name="uidAttributeID">uniqueMember
> >  name="roleAttributeID">cn
> > ou=Groups,o=Paychex
> > Inc,c=US
> >  name="matchOnUserDN">true
> >  > name="unauthenticatedIdentity">nobody
> >  >
>
name="java.naming.provider.url">ldap://testldap.paychex.com:389/
> >
> >  
> >   
> >
> >
> > This is what I get:
> > ...
> > java: Namespace
> >
> >+- jaas (class: javax.naming.Context)
> >|   +- other (class:
> > org.jboss.security.plugins.SecurityDomainContext)
> >|   +- JmsXARealm (class:
> > org.jboss.security.plugins.SecurityDomainContext)
> >|   +- jbossmq (class:
> > org.jboss.security.plugins.SecurityDomainContext)
> >|   +- http-invoker (class:
> > org.jboss.security.plugins.SecurityDomainContext)
> >+- wtgDS (class:
> > org.jboss.resource.adapter.jdbc.local.LocalDataSource)
> > ...
> >
> > I have also tried to use the old auth.conf as well without success.
> > Does anyone know what I am doing wrong?
> > -Keene
> >
> > ---
> > This sf.net email is sponsored by: See the NEW Palm
> > Tungsten T handheld. Power & Color in a compact size!
> > http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en
> > ___
> > JBoss-user mailing list
> > [EMAIL PROTECTED]
> > https://lists.sourceforge.net/lists/listinfo/jboss-user
> 
> 
> 
> ---
> This sf.net email is sponsored by: See the NEW Palm 
> Tungsten T handheld. Power & Color in a compact size!
> http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en
> ___
> JBoss-user mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/jboss-user


=
Thanks!

Jon Brisbin

[EMAIL PROTECTED]
417.682.6157 (h/w)
417.825.3995 (c)

__
Do you Yahoo!?
HotJobs - Search new jobs daily now
http://hotjobs.yahoo.com/


---
This sf.net email is sponsored by: See the NEW Palm 
Tungsten T handheld. Power & Color in a compact size!
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en
___
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

Re: Re: [JBoss-user] JAAS - Problem with Ldap Realm

2002-11-06 Thread otisg 
Make sure you are changing the right
login-config.xml (all or default or minimal).
One way to do that is to rename all other
setups that you are not using.
I am using 'default', so I renamed all the
rest, just to make sure nothing from there
is getting loaded, since it is not very
clear from run.sh which one is being called.

drwxrwxrwx5 otis otis 4096
Nov  2 20:55 all.orig
drwxrwxrwx8 otis otis 4096
Nov  4 16:47 default
drwxrwxrwx5 otis otis 4096
Nov  2 20:56 minimal.orig

Otis



 On Wed, 06 Nov 2002, Keene Hammond
([EMAIL PROTECTED]) wrote:

> I removed all of the realms from the
login-config.xml except the LdapLogin Module and
> still all default realms are loaded and my
ldap realm is nowhere to be found.
> I am unable to change the default realms,
was this working on any previous 3.x jboss?
> I was ok when using the auth.conf file in
Jboss 2.4.3... But it does not workin JBoss
> 3.0.3 either.
> I see one other person is having a similar
problem today. Anyone else? Any ideas?
> -Keene
> 
> Keene Hammond wrote:
> 
> > Hi,
> > I am unable to create a new security
realm using the LdapLoginModule. I
> > would appreciate some help configuring a
new realm to point to a LDAP
> > directory server.
> >
> > OS: XP pro SP1
> > JDK: 1.4.1_01
> > JBoss: 3.0.3
> >
> > snippet from login-config.xml
> >
> > 
> >
> >   
> >   >
"org.jboss.security.auth.spi.LdapLoginModule"
flag = "required">
> >  >
name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory
> >
> >  >
name="java.naming.security.authentication">simple
> > uid=
> >
> > ,ou=People,
> > o=Paychex Inc, c=US
> >  >
name="uidAttributeID">uniqueMember
> > cn
> > ou=Groups,o=Paychex
> > Inc,c=US
> > true
> >  >
name="unauthenticatedIdentity">nobody
> >  >
name="java.naming.provider.url">ldap://testldap.paychex.com:389/
> >
> >  
> >   
> >
> >
> > This is what I get:
> > ...
> > java: Namespace
> >
> >+- jaas (class: javax.naming.Context)
> >|   +- other (class:
> >
org.jboss.security.plugins.SecurityDomainContext)
> >|   +- JmsXARealm (class:
> >
org.jboss.security.plugins.SecurityDomainContext)
> >|   +- jbossmq (class:
> >
org.jboss.security.plugins.SecurityDomainContext)
> >|   +- http-invoker (class:
> >
org.jboss.security.plugins.SecurityDomainContext)
> >+- wtgDS (class:
> >
org.jboss.resource.adapter.jdbc.local.LocalDataSource)
> > ...
> >
> > I have also tried to use the old
auth.conf as well without success.
> > Does anyone know what I am doing wrong?
> > -Keene
> >
> >
---
> > This sf.net email is sponsored by: See
the NEW Palm
> > Tungsten T handheld. Power & Color in a
compact size!
> >
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en
> >
___
> > JBoss-user mailing list
> > [EMAIL PROTECTED]
> >
https://lists.sourceforge.net/lists/listinfo/jboss-user
> 
> 
> 
>
---
> This sf.net email is sponsored by: See the
NEW Palm 
> Tungsten T handheld. Power & Color in a
compact size!
>
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en
>
___
> JBoss-user mailing list
> [EMAIL PROTECTED]
>
https://lists.sourceforge.net/lists/listinfo/jboss-user
> 
> 



Get your own "800" number
Voicemail, fax, email, and a lot more
http://www.ureach.com/reg/tag


---
This sf.net email is sponsored by: See the NEW Palm 
Tungsten T handheld. Power & Color in a compact size!
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en
___
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

Re: [JBoss-user] JAAS - Problem with Ldap Realm

2002-11-06 Thread Keene Hammond 
I removed all of the realms from the login-config.xml except the LdapLogin Module and
still all default realms are loaded and my ldap realm is nowhere to be found.
I am unable to change the default realms, was this working on any previous 3.x jboss?
I was ok when using the auth.conf file in Jboss 2.4.3... But it does not workin JBoss
3.0.3 either.
I see one other person is having a similar problem today. Anyone else? Any ideas?
-Keene

Keene Hammond wrote:

> Hi,
> I am unable to create a new security realm using the LdapLoginModule. I
> would appreciate some help configuring a new realm to point to a LDAP
> directory server.
>
> OS: XP pro SP1
> JDK: 1.4.1_01
> JBoss: 3.0.3
>
> snippet from login-config.xml
>
> 
>
>   
>   "org.jboss.security.auth.spi.LdapLoginModule" flag = "required">
>  name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory
>
>  name="java.naming.security.authentication">simple
> uid=
>
> ,ou=People,
> o=Paychex Inc, c=US
>  name="uidAttributeID">uniqueMember
> cn
> ou=Groups,o=Paychex
> Inc,c=US
> true
>  name="unauthenticatedIdentity">nobody
>  name="java.naming.provider.url">ldap://testldap.paychex.com:389/
>
>  
>   
>
>
> This is what I get:
> ...
> java: Namespace
>
>+- jaas (class: javax.naming.Context)
>|   +- other (class:
> org.jboss.security.plugins.SecurityDomainContext)
>|   +- JmsXARealm (class:
> org.jboss.security.plugins.SecurityDomainContext)
>|   +- jbossmq (class:
> org.jboss.security.plugins.SecurityDomainContext)
>|   +- http-invoker (class:
> org.jboss.security.plugins.SecurityDomainContext)
>+- wtgDS (class:
> org.jboss.resource.adapter.jdbc.local.LocalDataSource)
> ...
>
> I have also tried to use the old auth.conf as well without success.
> Does anyone know what I am doing wrong?
> -Keene
>
> ---
> This sf.net email is sponsored by: See the NEW Palm
> Tungsten T handheld. Power & Color in a compact size!
> http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en
> ___
> JBoss-user mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/jboss-user



---
This sf.net email is sponsored by: See the NEW Palm 
Tungsten T handheld. Power & Color in a compact size!
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en
___
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

Re: [JBoss-user] JAAS problem

2002-01-07 Thread Sternagel Annegret (PN-SYS/PE) 

Check your configuration in auth.conf used by the client:

The configuration for the security domain used to create the LoginContext
must point to the ClientLoginModule.

I had a similar problem with principal=null with a wrong configuration
pointing to the ServerLoginModule.

Hope this helps
Annegret

-Ursprüngliche Nachricht-
Von: Artur Jonak [mailto:[EMAIL PROTECTED]]
Gesendet: Montag, 7. Januar 2002 13:24
An: [EMAIL PROTECTED]
Betreff: [JBoss-user] JAAS problem
Wichtigkeit: Hoch


Hi,

I'm using JBoss2.4.3 with Tomcat3.2.3

I have an application which contains some ejbs and one servlet
called "Guest".
All beans are secure and only client which is authenticated and
is in role User can access remote methods of those beans.

As I said there is also one servlet, "Guest" which offers for guest
clients let's say transparent access to my breans (of course it permits
only few and secure operations with my beans) without any
authentication.
The servlet does it using methods of LoginContext and CallbackHandler
classes
which are performed during servlet initialization. So the servlet,
like a client, logins into my application as User guest and TRIES to
do something with my beans in the same manner as my other client which
is a normal java application and works perfectly.

But it doesn't work at all:

javax.servlet.ServletException:
java.rmi.RemoteException: checkSecurityAssociation; nested exception is:
java.lang.SecurityException: Insufficient method permissions,
principal=null, method=create, requiredRoles=[User], principalRoles=[]

Note that the same procedure works with JBoss2.2.2 and Tomcat3.2.2!!!
I have also tried to use Subject.doAs method with subject returned by
LoginContext
getSubject method but it doesn't help.


Please help!

Regards,
AJ




Pozdrawiam,
AJ






___
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

___
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

Re: [JBoss-user] JAAS problem

2001-06-28 Thread Scott M Stark 



http://java.sun.com/j2ee/dtds/web-app_2_2.dtd";>





ENCServlet
org.jboss.test.web.servlets.ENCServlet


EJBServlet
org.jboss.test.web.servlets.EJBServlet


ClientLoginServlet
org.jboss.test.web.servlets.ClientLoginServlet


EJBOnStartupServlet
org.jboss.test.web.servlets.EJBOnStartupServlet

failOnError
false

1


DebugServlet
org.jboss.test.web.servlets.DebugServlet


SecureServlet
org.jboss.test.web.servlets.SecureServlet


SecureEJBServlet
org.jboss.test.web.servlets.SecureEJBServlet


SecureEJBServletMT
org.jboss.test.web.servlets.SecureEJBServletMT


snoop
/snoop.jsp


classpath
/classpath.jsp


   
  rpcrouter
  Apache-SOAP RPC Router
  no description
  org.apache.soap.server.http.RPCRouterServlet
  
 faultListener
 org.apache.soap.server.DOMFaultListener
  
   
   
  messagerouter
  Apache-SOAP Message Router
  org.apache.soap.server.http.MessageRouterServlet
  
 faultListener
 org.apache.soap.server.DOMFaultListener
  
   
   
  secure-rpcrouter
  Apache-SOAP RPC Router
  no description
  org.apache.soap.server.http.RPCRouterServlet
  
 faultListener
 org.apache.soap.server.DOMFaultListener
  
   


ENCServlet
/ENCServlet


DebugServlet
/DebugServlet


EJBServlet
/EJBServlet


EJBOnStartupServlet
/EJBOnStartupServlet


ClientLoginServlet
/ClientLoginServlet


SecureServlet
/restricted/SecureServlet


SecureEJBServlet
/restricted/SecureEJBAccess


SecureEJBServletMT
/restricted/SecureEJBAccessMT


snoop
*.snp


   
  rpcrouter
  /soap/rpcrouter
   
   
  messagerouter
  /soap/messagerouter
   
   
  secure-rpcrouter
  /restricted/soap/rpcrouter
   



index.html





The default DS
jdbc/DefaultDS
javax.sql.DataSource
Container



Default Mail
mail/DefaultMail
javax.mail.Session
Container



Default QueueFactory
jms/QueFactory
javax.jms.QueueConnectionFactory
Container






Restricted
Declarative security tests
/restricted/*
HEAD
GET
POST
PUT
DELETE


Only 
AuthorizedUser


no description
NONE




BASIC
JBossTest Servlets



A AuthorizedUser is one with a valid username and 
password
AuthorizedUser




Integer0
Ints/i0
java.lang.Integer
0


Integer1
Ints/i1
java.lang.Integer
1


Float0
Floats/f0
java.lang.Float
0.0


Float1
Floats/f1
java.lang.Float
1.1


String0
Strings/s0
java.lang.String
String0


String1
Strings/s1
java.lang.String
String1




ejb/bean0
Session
ENCBean0
org.jboss.test.web.interfaces.StatelessSessionHome
org.jboss.test.web.interfaces.StatelessSession


ejb/bean1
Session
ENCBean1
org.jboss.test.web.interfaces.StatelessSessionHome
org.jboss.test.web.interfaces.StatelessSession



ejb/bean2
Session
ENCBean1
org.jboss.test.web.interfaces.StatelessSessionHome
org.jboss.test.web.interfaces.StatelessSession


ejb/SecuredEJB
Session
SecuredEJB
org.jboss.test.web.interfaces.StatelessSessionHome
org.jboss.test.web.interfaces.StatelessSession


ejb/UnsecuredEJB
Session
UnsecuredEJB
org.jboss.test.web.interfaces.StatelessSessionHome
org.jboss.test.web.interfaces.StatelessSession


ejb/OptimizedEJB
Session
OptimizedEJB
org.jboss.test.web.interfaces.StatelessSessionHome
org.jboss.test.web.interfaces.StatelessSession




- Original Message - 
From: "Nick Taylor" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, June 28, 2001 3:54 AM
Subject: RE: [JBoss-user] JAAS problem


> Scott,
> Many thanks for taking the time to look over my JAAS problems...i still
> can't shake them.

RE: [JBoss-user] JAAS problem

2001-06-28 Thread Nick Taylor 

Scott,
Many thanks for taking the time to look over my JAAS problems...i still
can't shake them...could you post the web.xml you used in the example below?
Cheers

> -Original Message-
> From: Scott M Stark [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, June 27, 2001 11:17 AM
> To: [EMAIL PROTECTED]
> Subject: Re: [JBoss-user] JAAS problem
> 
> 
> I didn't see anything obviously wrong with the ear structure 
> you described
> so I've added an example of calling a secured EJB through a secured
> rpcrouter using the Apache 2.2 soap version to the jbosstest module. I
> see the authenticated web principal passed to the secured EJB. Here
> is sample output:
> 
> [Default] User 'jduke' authenticated.
> [Default] =
> [Default] In TemplateProvider.locate()
> [Default] URI: urn:jbosstest/ejbs/SecuredEJB
> [Default] DD.ServiceClass: 
> org.apache.soap.providers.StatelessEJBProvider
> [Default] DD.ProviderClass: null
> [Default] Call.MethodName: echo
> [Default] User 'jduke' authenticated.
> [Default] =
> [Default] In TemplateProvider.invoke()
> [Default] StatelessSessionBean.ejbCreate() called
> [Default] StatelessSessionBean.echo, arg=Hello
> [Default] StatelessSessionBean.echo, callerPrincipal=jduke
> 
> based on this client:
> 
> import java.io.*;
> import java.net.*;
> import java.util.*;
> import org.apache.soap.*;
> import org.apache.soap.rpc.*;
> import org.apache.soap.transport.SOAPTransport;
> import org.apache.soap.transport.http.SOAPHTTPConnection;
> 
> public class soapejb
> {
>   public static void main (String[] args) throws Exception
>   {
> URL url = new 
> URL("http://localhost:8080/jbosstest/restricted/soap/rpcrouter";);
> 
> // Build the call.
> SOAPHTTPConnection http = new SOAPHTTPConnection();
> http.setUserName("jduke");
> http.setPassword("theduke");
> Call call = new Call ();
> call.setSOAPTransport(http);
> call.setTargetObjectURI ("urn:jbosstest/ejbs/SecuredEJB");
> call.setMethodName("echo");
> call.setEncodingStyleURI(Constants.NS_URI_SOAP_ENC);
> Vector params = new Vector();
> params.addElement (new Parameter("arg", String.class, 
> "Hello", null));
> call.setParams (params);
> 
> Response resp = call.invoke (/* router URL */ url, /* 
> actionURI */ "" );
> 
> // Check the response.
> if( resp.generatedFault() )
> {
>   Fault fault = resp.getFault();
>   System.out.println("Ouch, the call failed: ");
>   System.out.println("  Fault Code   = " + 
> fault.getFaultCode ());  
>   System.out.println("  Fault String = " + 
> fault.getFaultString ());
> }
> else
> {
>   Parameter result = resp.getReturnValue();
>   System.out.println("Result = "+result);
> }
>   }
> }
> 
> Get the jbosstest module code from sourceforge and see how 
> the jbosstest-web.ear
> differs from what you have. If you can't find the issue 
> submit a bug report to
> sourceforge that includes a sample ear demonstrating the problem.
> 
> 
> - Original Message - 
> From: "Nick Taylor" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Monday, June 25, 2001 4:32 AM
> Subject: RE: [JBoss-user] JAAS problem
> 
> 
> > Scott,
> > i've packaged my app into an ear as follows but still get the
> > "Authentication exception, principal=null" exception when 
> my web component
> > tries to invoke a bean method. The web component is seeing the
> > users.properties and roles.properties files as it 
> authenticates me according
> > to those files with no problems.
> > 
> 
> 
> 
> ___
> JBoss-user mailing list
> [EMAIL PROTECTED]
> http://lists.sourceforge.net/lists/listinfo/jboss-user
> 

___
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user

Re: [JBoss-user] JAAS problem

2001-06-27 Thread Scott M Stark 

I didn't see anything obviously wrong with the ear structure you described
so I've added an example of calling a secured EJB through a secured
rpcrouter using the Apache 2.2 soap version to the jbosstest module. I
see the authenticated web principal passed to the secured EJB. Here
is sample output:

[Default] User 'jduke' authenticated.
[Default] =
[Default] In TemplateProvider.locate()
[Default] URI: urn:jbosstest/ejbs/SecuredEJB
[Default] DD.ServiceClass: org.apache.soap.providers.StatelessEJBProvider
[Default] DD.ProviderClass: null
[Default] Call.MethodName: echo
[Default] User 'jduke' authenticated.
[Default] =
[Default] In TemplateProvider.invoke()
[Default] StatelessSessionBean.ejbCreate() called
[Default] StatelessSessionBean.echo, arg=Hello
[Default] StatelessSessionBean.echo, callerPrincipal=jduke

based on this client:

import java.io.*;
import java.net.*;
import java.util.*;
import org.apache.soap.*;
import org.apache.soap.rpc.*;
import org.apache.soap.transport.SOAPTransport;
import org.apache.soap.transport.http.SOAPHTTPConnection;

public class soapejb
{
  public static void main (String[] args) throws Exception
  {
URL url = new URL("http://localhost:8080/jbosstest/restricted/soap/rpcrouter";);

// Build the call.
SOAPHTTPConnection http = new SOAPHTTPConnection();
http.setUserName("jduke");
http.setPassword("theduke");
Call call = new Call ();
call.setSOAPTransport(http);
call.setTargetObjectURI ("urn:jbosstest/ejbs/SecuredEJB");
call.setMethodName("echo");
call.setEncodingStyleURI(Constants.NS_URI_SOAP_ENC);
Vector params = new Vector();
params.addElement (new Parameter("arg", String.class, "Hello", null));
call.setParams (params);

Response resp = call.invoke (/* router URL */ url, /* actionURI */ "" );

// Check the response.
if( resp.generatedFault() )
{
  Fault fault = resp.getFault();
  System.out.println("Ouch, the call failed: ");
  System.out.println("  Fault Code   = " + fault.getFaultCode ());  
  System.out.println("  Fault String = " + fault.getFaultString ());
}
else
{
  Parameter result = resp.getReturnValue();
  System.out.println("Result = "+result);
}
  }
}

Get the jbosstest module code from sourceforge and see how the jbosstest-web.ear
differs from what you have. If you can't find the issue submit a bug report to
sourceforge that includes a sample ear demonstrating the problem.


- Original Message - 
From: "Nick Taylor" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, June 25, 2001 4:32 AM
Subject: RE: [JBoss-user] JAAS problem


> Scott,
> i've packaged my app into an ear as follows but still get the
> "Authentication exception, principal=null" exception when my web component
> tries to invoke a bean method. The web component is seeing the
> users.properties and roles.properties files as it authenticates me according
> to those files with no problems.
> 



___
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user

RE: [JBoss-user] JAAS problem

2001-06-25 Thread Nick Taylor 

Scott,
i've packaged my app into an ear as follows but still get the
"Authentication exception, principal=null" exception when my web component
tries to invoke a bean method. The web component is seeing the
users.properties and roles.properties files as it authenticates me according
to those files with no problems.

> 
> 1. Show me the contents of your ejb jar file that you place 
> into the deploy directory.

mandrake.jar:

com/blah/
com/blah/blah.class
META-INF/
META-INF/jboss.xml
META-INF/ejb-jar.xml
users.properties
roles.properties

> 2. Show me the contents of your soap war and tell me how it 
> is deployed.
> 

soap.war:

WEB-INF/classes/soap..  <- SOAP classes
WEB-INF/web.xml
WEB-INF/jboss-web.xml
WEB-INF/lib/
WEB-INF/lib/adapter.jar <- my classes
WEB-INF/lib/utils.jar   <- my classes

Contents of the ear:

META-INF/
META-INF/MANIFEST.MF
META-INF/application.xml
mandrake.jar
soap.war
client.jar  <- home and remote interfaces

When jboss starts, it deploys the ear, makes the ejb-ref JNDI links to the
beans and deploys the beans fine but i still get that exception...any ideas
on what would be causing that?

> - Original Message - 
> From: "Nick Taylor" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Thursday, June 21, 2001 4:48 AM
> Subject: RE: [JBoss-user] JAAS problem
> 
> 
> > Scott,
> > Apologies for confusing you by mixing up my wars and ears 
> (a long day had my
> > brain  at meltdown)...what I meant to say (of course ;)) 
> was that I do not
> > package my application (servlets and ejbs) as an ear. I 
> package my beans as
> > a jar which contains users.properties and roles.properties and under
> > meta-inf, jboss.xml and ejb-jar.xml . The SOAP stuff comes 
> as a prepackaged
> > war to which I supply additional classes...as SOAP requests 
> arrive at the
> > servlet, they get routed to my classes. In 
> tomcat/webapp/soap/web-inf i have
> > dropped my jboss-web.xml. Do the beans and servlets have to 
> be packed in an
> > ear?
> > 
> 
> 
> 
> ___
> JBoss-user mailing list
> [EMAIL PROTECTED]
> http://lists.sourceforge.net/lists/listinfo/jboss-user
> 

___
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user

Re: [JBoss-user] JAAS problem

2001-06-21 Thread Scott M Stark 

A standalone war should not be able to see ejbs deployed in a seperate jar so
I still don't understand what is deployed where.

1. Show me the contents of your ejb jar file that you place into the deploy directory.
2. Show me the contents of your soap war and tell me how it is deployed.

- Original Message - 
From: "Nick Taylor" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, June 21, 2001 4:48 AM
Subject: RE: [JBoss-user] JAAS problem


> Scott,
> Apologies for confusing you by mixing up my wars and ears (a long day had my
> brain  at meltdown)...what I meant to say (of course ;)) was that I do not
> package my application (servlets and ejbs) as an ear. I package my beans as
> a jar which contains users.properties and roles.properties and under
> meta-inf, jboss.xml and ejb-jar.xml . The SOAP stuff comes as a prepackaged
> war to which I supply additional classes...as SOAP requests arrive at the
> servlet, they get routed to my classes. In tomcat/webapp/soap/web-inf i have
> dropped my jboss-web.xml. Do the beans and servlets have to be packed in an
> ear?
> 



___
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user

RE: [JBoss-user] JAAS problem

2001-06-21 Thread Nick Taylor 

Scott,
Apologies for confusing you by mixing up my wars and ears (a long day had my
brain  at meltdown)...what I meant to say (of course ;)) was that I do not
package my application (servlets and ejbs) as an ear. I package my beans as
a jar which contains users.properties and roles.properties and under
meta-inf, jboss.xml and ejb-jar.xml . The SOAP stuff comes as a prepackaged
war to which I supply additional classes...as SOAP requests arrive at the
servlet, they get routed to my classes. In tomcat/webapp/soap/web-inf i have
dropped my jboss-web.xml. Do the beans and servlets have to be packed in an
ear?

Here is an execution snippet:

[EmbeddedTomcatSX] >>TRACE>> KnowledgeBaseAdapter: entering login: orgname =
Sti
lo, username = nick
User 'nick' authenticated.
[EmbeddedTomcatSX] >>TRACE>> KnowledgeBaseAdapter: Subject:
Principal: nick
Principal: Roles
Principal: CallerPrincipal

[EmbeddedTomcatSX] >>TRACE>> KnowledgeBaseAdapter: security domain is
mandrake
[KnowledgeBaseMgr] >>TRACE>> KnowledgeBaseMgrEJB: entering setSessionContext
[KnowledgeBaseMgr] >>TRACE>> KnowledgeBaseMgrEJB: leaving setSessionContext
[KnowledgeBaseMgr] Authentication exception, principal=null
[EmbeddedTomcatSX] >>TRACE>> KnowledgeBaseAdapter: Exception:
 java.rmi.ServerException: Transaction rolled back; nested exception is:
java.rmi.RemoteException: checkSecurityAssociation; nested exception
is:

java.lang.SecurityException: Authentication exception,
principal=null

EmbeddedTomcatSX is able to see my users.properties file included in my
beans jar so there must be connection between the web and bean containers
but I'm rapidly losing my hair as to why i get a null principal in the bean
context!

> -Original Message-
> From: Scott M Stark [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, June 20, 2001 5:52 PM
> To: [EMAIL PROTECTED]
> Subject: Re: [JBoss-user] JAAS problem
> 
> 
> EJBs go in ejb-jars, web components including servlets go in a war. I
> don't understand how the soap servlet is even being deployed 
> given what
> your saying. Show a jar -tf listing of the bean jar that you 
> are dropping in
> the deploy directory.
> 
> - Original Message - 
> From: "Nick Taylor" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Wednesday, June 20, 2001 6:45 AM
> Subject: RE: [JBoss-user] JAAS problem
> 
> 
> > Scott
> > 
> > > Using what version of the JBoss/Tomcat bundle?
> > 
> > jboss2.2.2-tomcat3.2.2
> > 
> > > What does the war web.xml and jboss-web.xml file look like?
> > 
> > My beans are not packaged in a war (they are in their own 
> jar) but web.xml
> > for the Apache SOAP stuff looks like:
> > 
> 
> 
> 
> ___
> JBoss-user mailing list
> [EMAIL PROTECTED]
> http://lists.sourceforge.net/lists/listinfo/jboss-user
> 

___
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user

Re: [JBoss-user] JAAS problem

2001-06-20 Thread Scott M Stark 

EJBs go in ejb-jars, web components including servlets go in a war. I
don't understand how the soap servlet is even being deployed given what
your saying. Show a jar -tf listing of the bean jar that you are dropping in
the deploy directory.

- Original Message - 
From: "Nick Taylor" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, June 20, 2001 6:45 AM
Subject: RE: [JBoss-user] JAAS problem


> Scott
> 
> > Using what version of the JBoss/Tomcat bundle?
> 
> jboss2.2.2-tomcat3.2.2
> 
> > What does the war web.xml and jboss-web.xml file look like?
> 
> My beans are not packaged in a war (they are in their own jar) but web.xml
> for the Apache SOAP stuff looks like:
> 



___
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user

RE: [JBoss-user] JAAS problem

2001-06-20 Thread Nick Taylor 

Scott

> Using what version of the JBoss/Tomcat bundle?

jboss2.2.2-tomcat3.2.2

> What does the war web.xml and jboss-web.xml file look like?

My beans are not packaged in a war (they are in their own jar) but web.xml
for the Apache SOAP stuff looks like:



http://java.sun.com/j2ee/dtds/web-app_2_2.dtd";>


  Apache-SOAP
  no description
  
rpcrouter
Apache-SOAP RPC Router
no description

org.apache.soap.server.http.RPCRouterServlet


  faultListener
  org.apache.soap.server.DOMFaultListener

  

  
messagerouter
Apache-SOAP Message Router

org.apache.soap.server.http.MessageRouterServlet


  faultListener
  org.apache.soap.server.DOMFaultListener

  

  
rpcrouter
servlet/rpcrouter
  

  
messagerouter
servlet/messagerouter
  
  



Admin




BASIC
Mandrake



The administrator
Admin




com/stilo/mandrake/beans/user/User
Entity
UserHome
User



 
com/stilo/mandrake/beans/kb/KnowledgeBaseMgr
Session
KnowledgeBaseMgrHome
KnowledgeBaseMgr




My jboss-web.xml is packaged in the beans jar (is this the correct place for
it?)along with jboss.xml and ejb-jar.xml and looks like:





java:/jaas/mandrake


User
com/stilo/mandrake/beans/user/User



KnowledgeBaseMgr
com/stilo/mandrake/beans/kb/KnowledgeBaseMgr





> - Original Message - 
> From: "Nick Taylor" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Wednesday, June 20, 2001 4:48 AM
> Subject: [JBoss-user] JAAS problem
> 
> 
> > I am trying to secure a web based application using JAAS 
> but keep getting a
> > "java.lang.SecurityException: Authentication exception, 
> principal=null"
> > whenever I try to invoke a bean method. I followed Scott's 
> tutorial and
> > configured my jboss-tomcat setup accordingly.
> > 
> > My scenario is as follows: a SOAP client sends a 
> username-password to the
> > RPCRouter (Apache SOAP) servlet hosted by Tomcat which then 
> instantiates an
> > adapter that does the authentication and session management 
> stuff. The
> > adapter successfully authenticates the username-password 
> using JAAS (I see a
> > "User 'nick' authenticated." message) and then tries to 
> invoke a bean method
> > which results in the above exception. It seems that the 
> principal isn't
> > being propagated from the web container into the bean 
> container but I can't
> > figure out where I'm going wrong. Does the fact that I 
> package my beans in a
> > jar file (no wars or ears) have any to do with it? Any 
> ideas most welcome.
> > 
> > Cheers
> > Nick
> > 
> > ___
> > JBoss-user mailing list
> > [EMAIL PROTECTED]
> > http://lists.sourceforge.net/lists/listinfo/jboss-user
> > 
> 
> 
> ___
> JBoss-user mailing list
> [EMAIL PROTECTED]
> http://lists.sourceforge.net/lists/listinfo/jboss-user
> 

___
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user

Re: [JBoss-user] JAAS problem

2001-06-20 Thread Scott M Stark 

Using what version of the JBoss/Tomcat bundle?
What does the war web.xml and jboss-web.xml file look like?

- Original Message - 
From: "Nick Taylor" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, June 20, 2001 4:48 AM
Subject: [JBoss-user] JAAS problem


> I am trying to secure a web based application using JAAS but keep getting a
> "java.lang.SecurityException: Authentication exception, principal=null"
> whenever I try to invoke a bean method. I followed Scott's tutorial and
> configured my jboss-tomcat setup accordingly.
> 
> My scenario is as follows: a SOAP client sends a username-password to the
> RPCRouter (Apache SOAP) servlet hosted by Tomcat which then instantiates an
> adapter that does the authentication and session management stuff. The
> adapter successfully authenticates the username-password using JAAS (I see a
> "User 'nick' authenticated." message) and then tries to invoke a bean method
> which results in the above exception. It seems that the principal isn't
> being propagated from the web container into the bean container but I can't
> figure out where I'm going wrong. Does the fact that I package my beans in a
> jar file (no wars or ears) have any to do with it? Any ideas most welcome.
> 
> Cheers
> Nick
> 
> ___
> JBoss-user mailing list
> [EMAIL PROTECTED]
> http://lists.sourceforge.net/lists/listinfo/jboss-user
> 


___
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user