Application Server 7
  1. Application Server 7
  2. AS7-3824

Security domain ignored for resource adapters

    Details

    • Similar Issues:
      Show 10 results 

      Description

      Creating RA with security domain authentication failed:
      [org.jboss.as.connector.deployers.RADeployer] (MSC service thread 1-7) IJ020007: Exception during createSubject(): PB00024: Access Denied:Unauthenticated caller:null: java.lang.SecurityException: PB00024: Access Denied:Unauthenticated caller:null
      at org.jboss.security.plugins.JBossSecuritySubjectFactory.createSubject(JBossSecuritySubjectFactory.java:89) [picketbox-4.0.6.final.jar:4.0.6.final]
      at org.jboss.jca.deployers.common.AbstractResourceAdapterDeployer$1.run(AbstractResourceAdapterDeployer.java:2242) [ironjacamar-deployers-common-1.0.7.Final.jar:1.0.7.Final]
      at org.jboss.jca.deployers.common.AbstractResourceAdapterDeployer$1.run(AbstractResourceAdapterDeployer.java:2237) [ironjacamar-deployers-common-1.0.7.Final.jar:1.0.7.Final]
      at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.6.0_23]
      at org.jboss.jca.deployers.common.AbstractResourceAdapterDeployer.createSubject(AbstractResourceAdapterDeployer.java:2236) [ironjacamar-deployers-common-1.0.7.Final.jar:1.0.7.Final]
      at org.jboss.jca.deployers.common.AbstractResourceAdapterDeployer.createObjectsAndInjectValue(AbstractResourceAdapterDeployer.java:2018) [ironjacamar-deployers-common-1.0.7.Final.jar:1.0.7.Final]
      at org.jboss.jca.deployers.common.AbstractResourceAdapterDeployer.createObjectsAndInjectValue(AbstractResourceAdapterDeployer.java:1030) [ironjacamar-deployers-common-1.0.7.Final.jar:1.0.7.Final]
      at org.jboss.as.connector.metadata.deployment.ResourceAdapterDeploymentService$AS7RaDeployer.doDeploy(ResourceAdapterDeploymentService.java:171)
      at org.jboss.as.connector.metadata.deployment.ResourceAdapterDeploymentService.start(ResourceAdapterDeploymentService.java:100)
      at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1811) [jboss-msc-1.0.2.GA.jar:1.0.2.GA]
      at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1746) [jboss-msc-1.0.2.GA.jar:1.0.2.GA]
      at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) [rt.jar:1.6.0_23]
      at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) [rt.jar:1.6.0_23]
      at java.lang.Thread.run(Thread.java:662) [rt.jar:1.6.0_23]

        Issue Links

          Activity

          Show
          Jesper Pedersen
          added a comment - Resource adapter part committed: https://github.com/jbossas/jboss-as/commit/9ccb11d845c99541b3312dffd6a1be5d7acd1a2d
          Hide
          Vladimir Rastseluev
          added a comment -
          Show
          Vladimir Rastseluev
          added a comment - See test case in https://github.com/jbossas/jboss-as/pull/1616
          Hide
          Jesper Pedersen
          added a comment -

          Use

          <security-domain name="jca-domain" cache-type="default">
            <authentication>
              <login-module code="ConfiguredIdentity" flag="required">
                <module-option name="userName" value="sa"/>
                <module-option name="principal" value="sa"/>
                <module-option name="password" value="sa"/>
                <module-option name="unauthenticatedIdentity" value="sa"/>
              </login-module>
            </authentication>
          </security-domain>
          
          Show
          Jesper Pedersen
          added a comment - Use <security-domain name= "jca-domain" cache-type= " default " > <authentication> <login-module code= "ConfiguredIdentity" flag= "required" > <module-option name= "userName" value= "sa" /> <module-option name= "principal" value= "sa" /> <module-option name= "password" value= "sa" /> <module-option name= "unauthenticatedIdentity" value= "sa" /> </login-module> </authentication> </security-domain>
          Hide
          Anil Saldhana
          added a comment - - edited

          https://github.com/jbossas/jboss-as/pull/1648 should resolve this.

          ==========
          $ mvn clean install -Dtest=org.jboss.as.test.integration.jca.security.RaWithSecurityDomainTestCase
          -------------------------------------------------------
          Running org.jboss.as.test.integration.jca.security.RaWithSecurityDomainTestCase
          Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 61.41 sec

          Results :

          Tests run: 1, Failures: 0, Errors: 0, Skipped: 0

          Show
          Anil Saldhana
          added a comment - - edited https://github.com/jbossas/jboss-as/pull/1648 should resolve this. ========== $ mvn clean install -Dtest=org.jboss.as.test.integration.jca.security.RaWithSecurityDomainTestCase ------------------------------------------------------- Running org.jboss.as.test.integration.jca.security.RaWithSecurityDomainTestCase Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 61.41 sec Results : Tests run: 1, Failures: 0, Errors: 0, Skipped: 0
          Hide
          Bjørn Westblad
          added a comment -

          This issue does not seem to be fixed in 7.1.1-FINAL.

          See latest reply here: https://community.jboss.org/message/731862#731862

          Show
          Bjørn Westblad
          added a comment - This issue does not seem to be fixed in 7.1.1-FINAL. See latest reply here: https://community.jboss.org/message/731862#731862
          Hide
          Nicholas DiPiazza
          added a comment - - edited

          Agreed. I have JBoss 7.1.1.Final on CentOS6.2 64-bit, jdk 6, and I get this issue when trying to use Domain authentication from the SQL Server.

          Driver "sqljdbc4.jar" deployed as a module.
          standalone.xml:

          <subsystem xmlns="urn:jboss:domain:datasources:1.0">
          <datasources>
          <datasource jndi-name="java:jboss/datasources/NDD_DS" pool-name="NDD_DS" enabled="true" jta="true" use-java-context="true" use-ccm="true">
          <connection-url>
          jdbc:sqlserver://192.168.2.18;databasename=test;user=Administrator;username=Administrator;password=xxxxxxxx
          </connection-url>
          <driver>
          microsoft
          </driver>
          <pool>
          <min-pool-size>
          0
          </min-pool-size>
          <max-pool-size>
          10
          </max-pool-size>
          <prefill>
          false
          </prefill>
          <use-strict-min>
          false
          </use-strict-min>
          <flush-strategy>
          FailingConnectionOnly
          </flush-strategy>
          </pool>
          <security>
          <security-domain>
          COM
          </security-domain>
          <user-name>Administrator</user-name>
          <password>xxxxxxxx</password>
          </security>
          </datasource>
          <drivers>
          <driver name="microsoft" module="com.microsoft.sqlserver">
          <xa-datasource-class>com.microsoft.sqlserver.jdbc.SQLServerXADataSource</xa-datasource-class>
          </driver>
          </drivers>
          </datasources>
          </subsystem>

          Error:

          10:52:04,351 ERROR [org.jboss.as.connector.subsystems.datasources.AbstractDataSo
          urceService$AS7DataSourceDeployer] (MSC service thread 1-1) Exception during cre
          ateSubject()PB00024: Access Denied:Unauthenticated caller:null: java.lang.Securi
          tyException: PB00024: Access Denied:Unauthenticated caller:null

          The same credentials work to connect from Tomcat with another application.

          Show
          Nicholas DiPiazza
          added a comment - - edited Agreed. I have JBoss 7.1.1.Final on CentOS6.2 64-bit, jdk 6, and I get this issue when trying to use Domain authentication from the SQL Server. Driver "sqljdbc4.jar" deployed as a module. standalone.xml: <subsystem xmlns="urn:jboss:domain:datasources:1.0"> <datasources> <datasource jndi-name="java:jboss/datasources/NDD_DS" pool-name="NDD_DS" enabled="true" jta="true" use-java-context="true" use-ccm="true"> <connection-url> jdbc:sqlserver://192.168.2.18;databasename=test;user=Administrator;username=Administrator;password=xxxxxxxx </connection-url> <driver> microsoft </driver> <pool> <min-pool-size> 0 </min-pool-size> <max-pool-size> 10 </max-pool-size> <prefill> false </prefill> <use-strict-min> false </use-strict-min> <flush-strategy> FailingConnectionOnly </flush-strategy> </pool> <security> <security-domain> COM </security-domain> <user-name>Administrator</user-name> <password>xxxxxxxx</password> </security> </datasource> <drivers> <driver name="microsoft" module="com.microsoft.sqlserver"> <xa-datasource-class>com.microsoft.sqlserver.jdbc.SQLServerXADataSource</xa-datasource-class> </driver> </drivers> </datasources> </subsystem> Error: 10:52:04,351 ERROR [org.jboss.as.connector.subsystems.datasources.AbstractDataSo urceService$AS7DataSourceDeployer] (MSC service thread 1-1) Exception during cre ateSubject()PB00024: Access Denied:Unauthenticated caller:null: java.lang.Securi tyException: PB00024: Access Denied:Unauthenticated caller:null The same credentials work to connect from Tomcat with another application.

            People

            • Assignee:
              Anil Saldhana
              Reporter:
              Jesper Pedersen
            • Votes:
              1 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: