[JBoss][Jaas] Authentification client standalone
salut
je suis sur JBoss4.0.2, configuration default
alors g un SLSB avec des méthodes dont l'acces est restreint à certains roles.
Les roles, users & pass sont stockés dans une bd, et la politique de sécurité utilise un module Jaas qui va chercher ces infos dans la base.
Cette méthode fonctionne déja avec une appli web (un web services) et les infos login/mdp sont passés par le stub dans l'entete soap.
Pour l'ejb, le deploiement se passe bien, mais je ne sais pas comment le client stand-alone (un test JUnit par ex.) doit fournir les infos d'authentification (principal)?
[edit]
en passant par le ws, ca marche maintenant, voir 3eme post
mon nouveau pb: 4eme post
[/edit]
Dans les 2 cas g cette erreur au niveau du client:
Citation:
RemoteException occurred in server thread; nested exception is:
java.rmi.AccessException: SecurityException; nested exception is:
javax.security.auth.login.FailedLoginException: No matching username found in Principals
et quand j'y accede via le ws, g cette erreur coté serveur:
Citation:
10:07:16,015 ERROR [ServerEngine] Server error: AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Client
faultSubcode:
faultString: SecurityException; nested exception is:
javax.security.auth.login.FailedLoginException: No matching username found in Principals
faultActor:
faultNode:
faultDetail:
{http://xml.apache.org/axis/}stackTrace: java.rmi.AccessException: SecurityException; nested exception is:
javax.security.auth.login.FailedLoginException: No matching username found in Principals
at org.jboss.ejb.plugins.LogInterceptor.handleException(LogInterceptor.java:370)
at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:196)
at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFactoryFinderInterceptor.java:122)
at org.jboss.ejb.SessionContainer.internalInvoke(SessionContainer.java:624)
at org.jboss.ejb.Container.invoke(Container.java:870)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:144)
at org.jboss.mx.server.Invocation.dispatch(Invocation.java:80)
at org.jboss.mx.server.Invocation.invoke(Invocation.java:72)
at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:249)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:644)
at org.jboss.webservice.server.InvokerProviderEJB.invokeServiceEndpoint(InvokerProviderEJB.java:129)
at org.jboss.webservice.server.InvokerProvider.invokeMethod(InvokerProvider.java:350)
at org.jboss.axis.providers.java.RPCProvider.invokeTarget(RPCProvider.java:176)
at org.jboss.axis.providers.java.RPCProvider.processMessage(RPCProvider.java:121)
at org.jboss.axis.providers.java.JavaProvider.invoke(JavaProvider.java:358)
at org.jboss.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:73)
at org.jboss.axis.SimpleChain.doVisiting(SimpleChain.java:160)
at org.jboss.axis.SimpleChain.invoke(SimpleChain.java:123)
at org.jboss.axis.handlers.soap.SOAPService.invoke(SOAPService.java:560)
at org.jboss.webservice.server.ServerEngine.invokeInternal(ServerEngine.java:198)
at org.jboss.webservice.server.ServerEngine.invoke(ServerEngine.java:87)
at org.jboss.axis.transport.http.AxisServlet.doPost(AxisServlet.java:905)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.jboss.axis.transport.http.AxisServletBase.service(AxisServletBase.java:370)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:75)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
at org.jboss.web.tomcat.security.CustomPrincipalValve.invoke(CustomPrincipalValve.java:39)
at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:147)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:53)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:825)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:743)
at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
at java.lang.Thread.run(Thread.java:536)
Caused by: javax.security.auth.login.FailedLoginException: No matching username found in Principals
at org.jboss.security.auth.spi.DatabaseServerLoginModule.getUsersPassword(DatabaseServerLoginModule.java:103)
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:156)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:483)
at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:425)
at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:251)
at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:180)
at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:129)
at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:192)
... 46 more
10:07:16,015 INFO [AxisServlet] java.rmi.AccessException: SecurityException; nested exception is:
javax.security.auth.login.FailedLoginException: No matching username found in Principals
d'apres le code source que g trouvé sur
http://www.cenqua.com/clover/eg/jboss/report/org/jboss/security/auth/spi/DatabaseServerLoginModule.html
cette erreur est levée lorsqu'il ne trouve pas l'utilisateur dans la base. Pourtant ce dernier existe. Donc je pense que je m'y prends mal pour spécifier le login/mdp.
voila voila