Application Server 7
  1. Application Server 7
  2. AS7-3824

Security domain ignored for resource adapters

    Details

    • Similar Issues:
      Show 10 results 

      Description

      Creating RA with security domain authentication failed:
      [org.jboss.as.connector.deployers.RADeployer] (MSC service thread 1-7) IJ020007: Exception during createSubject(): PB00024: Access Denied:Unauthenticated caller:null: java.lang.SecurityException: PB00024: Access Denied:Unauthenticated caller:null
      at org.jboss.security.plugins.JBossSecuritySubjectFactory.createSubject(JBossSecuritySubjectFactory.java:89) [picketbox-4.0.6.final.jar:4.0.6.final]
      at org.jboss.jca.deployers.common.AbstractResourceAdapterDeployer$1.run(AbstractResourceAdapterDeployer.java:2242) [ironjacamar-deployers-common-1.0.7.Final.jar:1.0.7.Final]
      at org.jboss.jca.deployers.common.AbstractResourceAdapterDeployer$1.run(AbstractResourceAdapterDeployer.java:2237) [ironjacamar-deployers-common-1.0.7.Final.jar:1.0.7.Final]
      at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.6.0_23]
      at org.jboss.jca.deployers.common.AbstractResourceAdapterDeployer.createSubject(AbstractResourceAdapterDeployer.java:2236) [ironjacamar-deployers-common-1.0.7.Final.jar:1.0.7.Final]
      at org.jboss.jca.deployers.common.AbstractResourceAdapterDeployer.createObjectsAndInjectValue(AbstractResourceAdapterDeployer.java:2018) [ironjacamar-deployers-common-1.0.7.Final.jar:1.0.7.Final]
      at org.jboss.jca.deployers.common.AbstractResourceAdapterDeployer.createObjectsAndInjectValue(AbstractResourceAdapterDeployer.java:1030) [ironjacamar-deployers-common-1.0.7.Final.jar:1.0.7.Final]
      at org.jboss.as.connector.metadata.deployment.ResourceAdapterDeploymentService$AS7RaDeployer.doDeploy(ResourceAdapterDeploymentService.java:171)
      at org.jboss.as.connector.metadata.deployment.ResourceAdapterDeploymentService.start(ResourceAdapterDeploymentService.java:100)
      at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1811) [jboss-msc-1.0.2.GA.jar:1.0.2.GA]
      at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1746) [jboss-msc-1.0.2.GA.jar:1.0.2.GA]
      at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) [rt.jar:1.6.0_23]
      at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) [rt.jar:1.6.0_23]
      at java.lang.Thread.run(Thread.java:662) [rt.jar:1.6.0_23]

        Gliffy Diagrams

          Issue Links

            Activity

            Show
            Jesper Pedersen added a comment - Resource adapter part committed: https://github.com/jbossas/jboss-as/commit/9ccb11d845c99541b3312dffd6a1be5d7acd1a2d
            Hide
            Vladimir Rastseluev added a comment -
            Show
            Vladimir Rastseluev added a comment - See test case in https://github.com/jbossas/jboss-as/pull/1616
            Hide
            Jesper Pedersen added a comment -

            Use

            <security-domain name="jca-domain" cache-type="default">
              <authentication>
                <login-module code="ConfiguredIdentity" flag="required">
                  <module-option name="userName" value="sa"/>
                  <module-option name="principal" value="sa"/>
                  <module-option name="password" value="sa"/>
                  <module-option name="unauthenticatedIdentity" value="sa"/>
                </login-module>
              </authentication>
            </security-domain>
            

            Show
            Jesper Pedersen added a comment - Use <security-domain name="jca-domain" cache-type="default"> <authentication> <login-module code="ConfiguredIdentity" flag="required"> <module-option name="userName" value="sa"/> <module-option name="principal" value="sa"/> <module-option name="password" value="sa"/> <module-option name="unauthenticatedIdentity" value="sa"/> </login-module> </authentication> </security-domain>
            Hide
            Anil Saldhana added a comment - - edited

            https://github.com/jbossas/jboss-as/pull/1648 should resolve this.

            ==========
            $ mvn clean install -Dtest=org.jboss.as.test.integration.jca.security.RaWithSecurityDomainTestCase
            -------------------------------------------------------
            Running org.jboss.as.test.integration.jca.security.RaWithSecurityDomainTestCase
            Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 61.41 sec

            Results :

            Tests run: 1, Failures: 0, Errors: 0, Skipped: 0

            Show
            Anil Saldhana added a comment - - edited https://github.com/jbossas/jboss-as/pull/1648 should resolve this. ========== $ mvn clean install -Dtest=org.jboss.as.test.integration.jca.security.RaWithSecurityDomainTestCase ------------------------------------------------------- Running org.jboss.as.test.integration.jca.security.RaWithSecurityDomainTestCase Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 61.41 sec Results : Tests run: 1, Failures: 0, Errors: 0, Skipped: 0
            Hide
            Bjørn Westblad added a comment -

            This issue does not seem to be fixed in 7.1.1-FINAL.

            See latest reply here: https://community.jboss.org/message/731862#731862

            Show
            Bjørn Westblad added a comment - This issue does not seem to be fixed in 7.1.1-FINAL. See latest reply here: https://community.jboss.org/message/731862#731862
            Hide
            Nicholas DiPiazza added a comment - - edited

            Agreed. I have JBoss 7.1.1.Final on CentOS6.2 64-bit, jdk 6, and I get this issue when trying to use Domain authentication from the SQL Server.

            Driver "sqljdbc4.jar" deployed as a module.
            standalone.xml:

            <subsystem xmlns="urn:jboss:domain:datasources:1.0">
            <datasources>
            <datasource jndi-name="java:jboss/datasources/NDD_DS" pool-name="NDD_DS" enabled="true" jta="true" use-java-context="true" use-ccm="true">
            <connection-url>
            jdbc:sqlserver://192.168.2.18;databasename=test;user=Administrator;username=Administrator;password=xxxxxxxx
            </connection-url>
            <driver>
            microsoft
            </driver>
            <pool>
            <min-pool-size>
            0
            </min-pool-size>
            <max-pool-size>
            10
            </max-pool-size>
            <prefill>
            false
            </prefill>
            <use-strict-min>
            false
            </use-strict-min>
            <flush-strategy>
            FailingConnectionOnly
            </flush-strategy>
            </pool>
            <security>
            <security-domain>
            COM
            </security-domain>
            <user-name>Administrator</user-name>
            <password>xxxxxxxx</password>
            </security>
            </datasource>
            <drivers>
            <driver name="microsoft" module="com.microsoft.sqlserver">
            <xa-datasource-class>com.microsoft.sqlserver.jdbc.SQLServerXADataSource</xa-datasource-class>
            </driver>
            </drivers>
            </datasources>
            </subsystem>

            Error:

            10:52:04,351 ERROR [org.jboss.as.connector.subsystems.datasources.AbstractDataSo
            urceService$AS7DataSourceDeployer] (MSC service thread 1-1) Exception during cre
            ateSubject()PB00024: Access Denied:Unauthenticated caller:null: java.lang.Securi
            tyException: PB00024: Access Denied:Unauthenticated caller:null

            The same credentials work to connect from Tomcat with another application.

            Show
            Nicholas DiPiazza added a comment - - edited Agreed. I have JBoss 7.1.1.Final on CentOS6.2 64-bit, jdk 6, and I get this issue when trying to use Domain authentication from the SQL Server. Driver "sqljdbc4.jar" deployed as a module. standalone.xml: <subsystem xmlns="urn:jboss:domain:datasources:1.0"> <datasources> <datasource jndi-name="java:jboss/datasources/NDD_DS" pool-name="NDD_DS" enabled="true" jta="true" use-java-context="true" use-ccm="true"> <connection-url> jdbc:sqlserver://192.168.2.18;databasename=test;user=Administrator;username=Administrator;password=xxxxxxxx </connection-url> <driver> microsoft </driver> <pool> <min-pool-size> 0 </min-pool-size> <max-pool-size> 10 </max-pool-size> <prefill> false </prefill> <use-strict-min> false </use-strict-min> <flush-strategy> FailingConnectionOnly </flush-strategy> </pool> <security> <security-domain> COM </security-domain> <user-name>Administrator</user-name> <password>xxxxxxxx</password> </security> </datasource> <drivers> <driver name="microsoft" module="com.microsoft.sqlserver"> <xa-datasource-class>com.microsoft.sqlserver.jdbc.SQLServerXADataSource</xa-datasource-class> </driver> </drivers> </datasources> </subsystem> Error: 10:52:04,351 ERROR [org.jboss.as.connector.subsystems.datasources.AbstractDataSo urceService$AS7DataSourceDeployer] (MSC service thread 1-1) Exception during cre ateSubject()PB00024: Access Denied:Unauthenticated caller:null: java.lang.Securi tyException: PB00024: Access Denied:Unauthenticated caller:null The same credentials work to connect from Tomcat with another application.

              People

              • Assignee:
                Anil Saldhana
                Reporter:
                Jesper Pedersen
              • Votes:
                1 Vote for this issue
                Watchers:
                7 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Development