Details

      Description

      If I use the SecureIdentity security-domain with my datasource, and I directly hardcode the password in the security-domain definition (in standalone.xml), AS7.1.1.Final starts up fine with no errors:

      <security-domain name="RHQDSSecurityDomain" cache-type="default">
      <authentication>
      <login-module code="SecureIdentity" flag="required">
      <module-option name="username" value="$

      {myser:rhqadmin}

      "/>
      <module-option name="password" value="1eeb2f255e832171df8592078de921bc"/>
      </login-module>
      </authentication>
      </security-domain>

      Notice that I use the sys prop variable in the username ($

      {var}

      notation) but not for password. But now, use it for the password too:

      <security-domain name="RHQDSSecurityDomain" cache-type="default">
      <authentication>
      <login-module code="SecureIdentity" flag="required">
      <module-option name="username" value="$

      {myser:rhqadmin}

      "/>
      <module-option name="password" value="$

      {mypass:1eeb2f255e832171df8592078de921bc}

      "/>
      </login-module>
      </authentication>
      </security-domain>

      Notice $

      {mypass:1eeb...}

      . I do not want to hardcode the encrypted password - I want to set that system property (preferably via the -P option) so I don't hardcode it here.

      But when I start up AS7, I get an exception. Here's the exception I see at startup:

      17:44:08,636 ERROR [org.jboss.as.connector.subsystems.datasources.AbstractDataSourceService$AS7DataSourceDeployer] (MSC service thread 1-2) Exception during createSubject()PB00024: Access Denied:Unauthenticated caller:null: java.lang.SecurityException: PB00024: Access Denied:Unauthenticated caller:null
      at org.jboss.security.plugins.JBossSecuritySubjectFactory.createSubject(JBossSecuritySubjectFactory.java:89)
      at org.jboss.jca.deployers.common.AbstractDsDeployer$1.run(AbstractDsDeployer.java:1019)
      at org.jboss.jca.deployers.common.AbstractDsDeployer$1.run(AbstractDsDeployer.java:1014)
      at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.6.0_29]
      at org.jboss.jca.deployers.common.AbstractDsDeployer.createSubject(AbstractDsDeployer.java:1013)
      at org.jboss.jca.deployers.common.AbstractDsDeployer.deployXADataSource(AbstractDsDeployer.java:824)
      at org.jboss.jca.deployers.common.AbstractDsDeployer.createObjectsAndInjectValue(AbstractDsDeployer.java:338)
      at org.jboss.as.connector.subsystems.datasources.AbstractDataSourceService$AS7DataSourceDeployer.deploy(AbstractDataSourceService.java:271)
      at org.jboss.as.connector.subsystems.datasources.AbstractDataSourceService.start(AbstractDataSourceService.java:111)
      ...

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  ctomc Tomaz Cerar
                  Reporter:
                  mazz John Mazzitelli
                • Votes:
                  1 Vote for this issue
                  Watchers:
                  6 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: