Uploaded image for project: 'Application Server 3 4 5 and 6'
  1. Application Server 3 4 5 and 6
  2. JBAS-5802

BaseConnectionManager2 does not propagate or log authentication exception cause

    XMLWordPrintable

Details

    • Bug
    • Resolution: Won't Do
    • Major
    • None
    • JBossAS-4.2.2.GA
    • JCA service, Security
    • None
    • Low

    Description

      In org.jboss.resource.connectionmanager.BaseConnectionManager2.getSubject(), the following code handles authentication errors while obtaining a new database connection from the pool:

      ...
      if (securityDomain.isValid(principal, credential, subject) == false)
      throw new SecurityException("Invalid authentication attempt, principal=" + principal);
      ...

      If there are errors during authentication, they are not logged or rethrown like it's done in AuthenticationInterceptor:

      ...
      if (authenticationManager.isValid(principal, credential, subject) == false)
      {
      // Check for the security association exception
      Exception ex = SecurityActions.getContextException();
      if (ex != null)
      throw ex;
      ...

      In our case, we had a bug in our login-config for the security domain being used for the database connections. The real exception came from the LoginModule's initialize method, but the only message we got is a SecurityException with 'Invalid authentication attempt'.

      Attachments

        Activity

          People

            Unassigned Unassigned
            cmjartan_jira Carsten Mjartan (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: