JBoss EAP Login fails with error Failed to load users/passwords/role files
Environment
- Red Hat JBoss Enterprise Application Platform (EAP)
- 5.x
- 4.x
- Red Hat JBoss Enterprise Portal Platform (EPP)
- 5.x
- 4.x
- Red Hat JBoss SOA Platform
- 5.x
Issue
-
When attempting to login to one of my applications I get the following error
2011-01-28 07:12:27,343 ERROR [org.jboss.security.auth.spi.UsersRolesLoginModule] (main) Failed to load users/passwords/role files java.io.IOException: No properties file: users.properties or defaults: defaultUsers.properties found at org.jboss.security.auth.spi.Util.loadProperties(Util.java:201) at org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:186) at org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:200) at org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:127) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) at javax.security.auth.login.LoginContext.login(LoginContext.java:579) at org.jboss.security.plugins.auth.JaasSecurityManagerBase.defaultLogin(JaasSecurityManagerBase.java:553)
Resolution
Datasources
For encrypted datasources, if *-ds.xml contains
<datasources>
<no-tx-datasource>
<jndi-name>myApp1</jndi-name>
<connection-url>jdbc:postgresql://localhost:5432/ejb</connection-url>
.. ..
<security-domain>EncryptPortalGateinIDM</security-domain>
</no-tx-datasource>
</datasources>
login-config.xml should contain
<application-policy name = "EncryptPortalGateinIDM">
.. .. ..
</application-policy>
Web applications
If WEB-INF/jboss-web.xml contains
<security-domain>java:/jaas/myAppPolicy</security-domain>
login-config.xml should contain
<application-policy name = "myAppPolicy">
.. .. ..
</application-policy>
Root Cause
- Configuration error
Diagnostic Steps
- Verify that the file exists in the location configured in $PROFILE/conf/login-config.xml
- If using an encypted password for your database, ensure that the
<security-domain>configured in your *-ds.xml matches thename - For a web application verify the
<security-domain>matches the<application-policy>name configured in$PROFILE/conf/login-config.xml -
You could also add the following category to your jboss-log4j.xml and reproduce the issue to determine exactly where the error is originating:
<category name="org.jboss.security"> <priority value="TRACE" /> </category> -
Are you using JON 3.1? If so, then you should see the following messages (at trace level) in the server.log and the issue is likely coming from https://access.redhat.com/knowledge/solutions/220343:
TRACE [org.jboss.security.integration.JNDIBasedSecurityManagement] (WorkerThread#1[IP:PORT]) Exception in getting authentication mgr for domain=null java.lang.NullPointerException TRACE [org.jboss.security.integration.JBossSecuritySubjectFactory] (WorkerThread#1[IP:PORT]) AuthenticationManager for null not found. Using other
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
