JBoss 7.1.2 - authentication issue - Red Hat Customer Portal

Comments

I am trying to implement database based JAAS authentication, but getting below error.
Please let me know how to resolve this

14:46:03,807 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost/127.0.0.1:8080-2) Obtained user password
14:46:03,808 DEBUG [org.jboss.jca.core.connectionmanager.pool.strategy.OnePool] (http-localhost/127.0.0.1:8080-2) AppDS: returnConnection(40c2d8ac, false) [1/9]
14:46:03,808 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost/127.0.0.1:8080-2) resumeAnyTransaction
14:46:03,808 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost/127.0.0.1:8080-2) User 'test_user' authenticated, loginOk=true
14:46:03,808 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost/127.0.0.1:8080-2) abort
14:46:03,809 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http-localhost/127.0.0.1:8080-2) Login failure: javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:293) [picketbox-4.0.9.Final-redhat-1.jar:4.0.9.Final-redhat-1]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_25]
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) [rt.jar:1.7.0_25]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) [rt.jar:1.7.0_25]
at java.lang.reflect.Method.invoke(Unknown Source) [rt.jar:1.7.0_25]
at javax.security.auth.login.LoginContext.invoke(Unknown Source) [rt.jar:1.7.0_25]
at javax.security.auth.login.LoginContext.access$000(Unknown Source) [rt.jar:1.7.0_25]
at javax.security.auth.login.LoginContext$4.run(Unknown Source) [rt.jar:1.7.0_25]
at javax.security.auth.login.LoginContext$4.run(Unknown Source) [rt.jar:1.7.0_25]
at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_25]
at javax.security.auth.login.LoginContext.invokePriv(Unknown Source) [rt.jar:1.7.0_25]
at javax.security.auth.login.LoginContext.login(Unknown Source) [rt.jar:1.7.0_25]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:449) [picketbox-infinispan-4.0.9.Final-redhat-1.jar:4.0.9.Final-redhat-1]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:383) [picketbox-infinispan-4.0.9.Final-redhat-1.jar:4.0.9.Final-redhat-1]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:371) [picketbox-infinispan-4.0.9.Final-redhat-1.jar:4.0.9.Final-redhat-1]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:160) [picketbox-infinispan-4.0.9.Final-redhat-1.jar:4.0.9.Final-redhat-1]
at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:214) [jboss-as-web-7.1.2.Final-redhat-1.jar:7.1.2.Final-redhat-1]
at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:280) [jbossweb-7.0.16.Final-redhat-1.jar:]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:381) [jbossweb-7.0.16.Final-redhat-1.jar:]
at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50) [jboss-as-jpa-7.1.2.Final-redhat-1.jar:7.1.2.Final-redhat-1]
at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.2.Final-redhat-1.jar:7.1.2.Final-redhat-1]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.16.Final-redhat-1.jar:]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.16.Final-redhat-1.jar:]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.16.Final-redhat-1.jar:]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.16.Final-redhat-1.jar:]
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.16.Final-redhat-1.jar:]
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:679) [jbossweb-7.0.16.Final-redhat-1.jar:]
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:931) [jbossweb-7.0.16.Final-redhat-1.jar:]
at java.lang.Thread.run(Unknown Source) [rt.jar:1.7.0_25]

jboss-web.xml

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE jboss-web PUBLIC
    "-//JBoss//DTD Web Application 2.4//EN"
    "http://www.jboss.org/j2ee/dtd/jboss-web_4_2.dtd">

<jboss-web>
    <!-- <security-domain>java:/jaas/apsapp</security-domain> -->
     <security-domain>other</security-domain>
    <context-root>/app</context-root>
</jboss-web>

web.xml

<login-config>
        <auth-method>FORM</auth-method>
        <form-login-config>
            <form-login-page>/login.xhtml</form-login-page>
            <form-error-page>/login.xhtml</form-error-page>
        </form-login-config>
    </login-config>

    <security-constraint>
        <web-resource-collection>
            <web-resource-name>Secured Content</web-resource-name>
            <url-pattern>/auth/*</url-pattern>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
        </web-resource-collection>
        <auth-constraint>
            <role-name>ADMINISTRATOR</role-name>
            <role-name>AUTHENTICATED</role-name>
        </auth-constraint>
    </security-constraint>

    <security-role>
        <role-name>ADMINISTRATOR</role-name>
    </security-role>
    <security-role>
        <role-name>AUTHENTICATED</role-name>
    </security-role>

Standalone.xml

  <subsystem xmlns="urn:jboss:domain:security:1.2">
            <security-domains>
                <security-domain name="other" cache-type="default">
                    <authentication>
                        <login-module code="Remoting" flag="optional">
                            <module-option name="password-stacking" value="useFirstPass"/>
                        </login-module>
                        <login-module code="RealmDirect" flag="required">
                            <module-option name="password-stacking" value="useFirstPass"/>
                        </login-module>
                        <login-module code="Database" flag="required">
                            <module-option name="dsJndiName" value="java:jboss/datasources/appPgDS"/>
                            <module-option name="principalsQuery" value="select passwd from app.user where username=?"/>
                            <module-option name="rolesQuery" value="select role,'Roles' from app.userrole where username=?"/>
                            <module-option name="hashAlgorithm" value="MD5"/>
                            <module-option name="hashEncoding" value="base64"/>
                            <module-option name="hashCharset" value="UTF-8"/>
                            <module-option name="unauthenticatedIdentity" value="guest"/>
                        </login-module>
                    </authentication>
                </security-domain>

login.xhtml

    <form id="loginForm" action="j_security_check" method="post">
        <input type="text" name="j_username"  value="test_user" maxlength="22" />
        <input type="password" name="j_password" value="password" maxlength="22" />
        <input type="submit" />
    </form>

Started 2013-08-26T09:27:53+00:00 by

amlan_datta@inf...

Newbie 10 points

Select Your Language

JBoss 7.1.2 - authentication issue

Responses

Quick Links

Help

Site Info

Related Sites

About

Red Hat legal and privacy links

Red Hat legal and privacy links

Responses

Quick Links

Help

Site Info

Related Sites

Systems Status

About

Red Hat legal and privacy links

Red Hat legal and privacy links