Menu
▾
▴
Re: [JBoss-user] JAAS Example Not Working
|
From: Ed B. <ed...@to...> - 2002-01-30 14:22:14
|
Quoting Quique Ruiz-Valenciano <qr...@is...>:
> >
> > I'm trying to understand security in JBoss.
> >
> > I took the example from the JBoss-2.4.x PDF and stripped it down. When
> I run
> > it, I get the following exception:
> >
> > Failed toload user/spasswords/role files
> > java.io.IOException: Properties file usres.properties not found.
> > <stack trace omitted>
> >
> > I have a client (not a servlet, jsp, or ejb) trying to connect to an
> EJB.
> >
> > The failure occured on the line
> > lc.login()
> >
> > where lc is defined as
> >
> > LoginContext lc = new LoginContext("user", handler);
> >
> > java.security.auth.login.config property is defined and points to
> auth.conf.
> >
> > Any suggestions on this one? Looking at the archives shows previous
> errors like
> > this, but no solutions to my case when the client is a "true client"
> and not a
> > servlet or another EJB.
> >
>
> Hello Ed,
>
> Could you send us the auth.conf file?
I use client-login. My auth.conf file follows:
simple {
// Very simple login module:
// any user name is accepted.
// password should either coincide with user name or be null,
// all users have role "guest",
// users with non-null password also have role "user"
org.jboss.security.auth.spi.SimpleServerLoginModule required;
};
// Used by clients within the application server VM such as
// mbeans and servlets that access EJBs.
client-login {
org.jboss.security.ClientLoginModule required;
};
// The default server login module
other {
// A simple server login module, which can be used when the number
// of users is relatively small. It uses two properties files:
// users.properties, which holds users (key) and their password (value).
// roles.properties, which holds users (key) and a comma-separated list
of their roles (value).
// The unauthenticatedIdentity property defines the name of the principal
// that will be used when a null username and password are presented as is
// the case for an unuathenticated web client or MDB. If you want to
// allow such users to be authenticated add the property, e.g.,
// unauthenticatedIdentity="nobody"
org.jboss.security.auth.spi.UsersRolesLoginModule required
;
};
-----------
Here's teh exact stack trace:
RROR [main] (?:?) - Failed to load users/passwords/role files
java.io.IOException: Properties file users.properties not found
at org.jboss.security.auth.spi.UsersRolesLoginModule.loadProperties
(UsersRolesLoginModule.java:199)
at org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers
(UsersRolesLoginModule.java:180)
at org.jboss.security.auth.spi.UsersRolesLoginModule.initialize
(UsersRolesLoginModule.java:79)
at java.lang.reflect.Method.invoke(Native Method)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:582)
at javax.security.auth.login.LoginContext.access$000
(LoginContext.java:125)
at javax.security.auth.login.LoginContext$3.run(LoginContext.java:531)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeModule
(LoginContext.java:528)
at javax.security.auth.login.LoginContext.login(LoginContext.java:449)
at sectest.TestLogin.<init>(TestLogin.java:82)
at sectest.TestLogin.main(TestLogin.java:240)
javax.security.auth.login.LoginException: Missing users.properties file.
at org.jboss.security.auth.spi.UsersRolesLoginModule.login
(UsersRolesLoginModule.java:105)
at java.lang.reflect.Method.invoke(Native Method)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:595)
at javax.security.auth.login.LoginContext.access$000
(LoginContext.java:125)-- Failed initializing bean access.
at javax.security.auth.login.LoginContext$3.run(LoginContext.java:531)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeModule
(LoginContext.java:528)
at javax.security.auth.login.LoginContext.login(LoginContext.java:449)
----------------
Here's the client code:
public class TestLogin {
private static final String ERROR_NULL_REMOTE = "Remote interface reference
is null. It must be created by calling one of the Home interface methods
first.";
private static final int MAX_OUTPUT_LINE_LENGTH = 100;
private boolean logging = true;
private LoginHome loginHome = null;
private Login login = null;
static class AppCallbackHandler implements CallbackHandler {
private String username;
private char[] password;
public AppCallbackHandler(String username, char[] password) {
this.username = username;
this.password = password;
}
public void handle(Callback[] callbacks) throws
java.io.IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof NameCallback) {
System.out.println("handle " + i + ": callbacks["+i+"] instanceof
NameCallback");
NameCallback nc = (NameCallback)callbacks[i];
System.out.println("setting username to Carrier");
nc.setName(username);
}
else if (callbacks[i] instanceof PasswordCallback) {
System.out.println("handle " + i + ": callbacks["+i+"] instanceof
PasswordCallback");
PasswordCallback pc = (PasswordCallback)callbacks[i];
System.out.println("setting username to Carrier");
pc.setPassword(password);
}
else {
System.out.println("handle: unrecognized callback " + callbacks
[i].getClass().getName());
throw new UnsupportedCallbackException(callbacks[i], "Unrecognized
Callback");
}
}
}
}
/**Construct the EJB test client*/
public TestLogin() {
long startTime = 0;
if (logging) {
log("Initializing bean access.");
startTime = System.currentTimeMillis();
}
try {
AppCallbackHandler handler = new AppCallbackHandler
("Carrier", "Carrier".toCharArray());
System.out.println("handler is " + handler);
LoginContext lc = new LoginContext("Carrier", handler);
System.out.println("Created LoginContext");
lc.login();
/*
String namingFactory = "org.jnp.interfaces.NamingContextFactory";
String providerUrl = "jnp://mdcsandbox1:9901";
String factoryUrl = "org.jboss.naming:org.jnp.interfaces";
Hashtable props = new Hashtable();
props.put(Context.INITIAL_CONTEXT_FACTORY, namingFactory);
props.put(Context.PROVIDER_URL, providerUrl);
props.put(Context.URL_PKG_PREFIXES, factoryUrl);
//get naming context
Context ctx = new InitialContext(props);
*/
Context ctx = new InitialContext();
//look up jndi name
Object ref = ctx.lookup("Login");
//cast to Home interface
loginHome = (LoginHome) PortableRemoteObject.narrow(ref, LoginHome.class);
if (logging) {
long endTime = System.currentTimeMillis();
log("Succeeded initializing bean access.");
log("Execution time: " + (endTime - startTime) + " ms.");
}
}
catch(Exception e) {
if (logging) {
log("Failed initializing bean access.");
}
e.printStackTrace();
}
}
//----------------------------------------------------------------------------
// Methods that use Home interface methods to generate a Remote interface
reference
//----------------------------------------------------------------------------
public Login create() {
long startTime = 0;
if (logging) {
log("Calling create()");
startTime = System.currentTimeMillis();
}
try {
login = loginHome.create();
if (logging) {
long endTime = System.currentTimeMillis();
log("Succeeded: create()");
log("Execution time: " + (endTime - startTime) + " ms.");
}
}
catch(Exception e) {
if (logging) {
log("Failed: create()");
}
e.printStackTrace();
}
if (logging) {
log("Return value from create(): " + login + ".");
}
return login;
}
public Login create(String user, String password) {
long startTime = 0;
if (logging) {
log("Calling create(" + user + ", " + password + ")");
startTime = System.currentTimeMillis();
}
try {
login = loginHome.create(user, password);
if (logging) {
long endTime = System.currentTimeMillis();
log("Succeeded: create(" + user + ", " + password + ")");
log("Execution time: " + (endTime - startTime) + " ms.");
}
}
catch(Exception e) {
if (logging) {
log("Failed: create(" + user + ", " + password + ")");
}
e.printStackTrace();
}
if (logging) {
log("Return value from create(" + user + ", " + password + "): " + login
+ ".");
}
return login;
}
//----------------------------------------------------------------------------
// Methods that use Remote interface methods to access data through the bean
//----------------------------------------------------------------------------
public String validate() {
String returnValue = "";
if (login == null) {
System.out.println("Error in validate(): " + ERROR_NULL_REMOTE);
return returnValue;
}
long startTime = 0;
if (logging) {
log("Calling validate()");
startTime = System.currentTimeMillis();
}
try {
returnValue = login.validate();
if (logging) {
long endTime = System.currentTimeMillis();
log("Succeeded: validate()");
log("Execution time: " + (endTime - startTime) + " ms.");
}
}
catch(Exception e) {
if (logging) {
log("Failed: validate()");
}
e.printStackTrace();
}
if (logging) {
log("Return value from validate(): " + returnValue + ".");
}
return returnValue;
}
public void testRemoteCallsWithDefaultArguments() {
if (login == null) {
System.out.println("Error in testRemoteCallsWithDefaultArguments(): " +
ERROR_NULL_REMOTE);
return ;
}
validate();
}
//----------------------------------------------------------------------------
// Utility Methods
//----------------------------------------------------------------------------
private void log(String message) {
if (message == null) {
System.out.println("-- null");
return ;
}
if (message.length() > MAX_OUTPUT_LINE_LENGTH) {
System.out.println("-- " + message.substring(0, MAX_OUTPUT_LINE_LENGTH)
+ " ...");
}
else {
System.out.println("-- " + message);
}
}
/**Main method*/
public static void main(String[] args) {
TestLogin client = new TestLogin();
// Use the client object to call one of the Home interface wrappers
// above, to create a Remote interface reference to the bean.
// If the return value is of the Remote interface type, you can use it
// to access the remote interface methods. You can also just use the
// client object to call the Remote interface wrappers.
try {
client.create("Carrier", "Carrier");
client.validate();
}
catch(Exception e) {
e.printStackTrace();
}
}
}
Ed Brown
_________________________________________________________________________
This mail sent via toadmail.com, web e-mail @ ToadNet - want to go fast?
http://www.toadmail.com
|