• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
  • Mikalai Zaikin

JAAS migration from JBoss to BEA

Posts: 25
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
We are in the process of migrating an application that uses JAAS from JBoss to BEA. I am having trouble getting the BEA deployment set up so that my custom login module is created and used correctly. I believe that I have done something wrong in the way I have set up permissions in my weblogic.policy file. Here's what I see:

To begin with, I am starting the weblogic server using a -D command that points to my login.config file:


I can then see that the server knows to use this file (and the custom loign module defined by that file) because the server echoes this out when it starts:

java.security.auth.login.config = /opt/bea/jdk142_08/jre/lib/security/weblogic-login.config
java.security.policy = /opt/bea/weblogic81/server/lib/weblogic.policy

So far, so good (I think). Now, when I open the security wide open in my weblogic.config file, my custom login module DOES get created and used by the application. However, I don't want the security as broad as this (I like to narrow it down to what I really need):

grant {
permission java.security.AllPermission;

So now I have begun to attempt to grant only those permissions that I really want:

grant {
permission java.lang.RuntimePermission "*";
permission java.io.FilePermission "${/}opt${/}bea${/}weblogic81${/}-", "read,write,delete";
permission java.io.FilePermission "${/}opt${/}bea${/}user_projects${/}domains${/}-", "read,write,delete";
permission java.io.FilePermission "${/}opt${/}bea${/}-", "read,write,delete";
permission java.io.FilePermission "${/}tmp${/}-", "read,write,delete";
permission java.util.PropertyPermission "*", "read";
permission java.net.SocketPermission "*", "connect";
permission javax.security.auth.AuthPermission "*";
permission java.security.auth.AuthPermission "*";

However, I now get this error when I attempt to create my custom login module:

ERROR [gov.va.med.logservice] No LoginModules configured for EelsLogin
javax.security.auth.login.LoginException: No LoginModules configured for EelsLogin
at javax.security.auth.login.LoginContext.init(LoginContext.java:189)
at javax.security.auth.login.LoginContext.<init>(LoginContext.java:404)
at gov.va.med.logService.struts.action.EelsLoginAction.execute(EelsLoginAction.java:87)
at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:419)
at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:224)
at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1194)
at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:1072)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:465)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:348)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:6981)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3892)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2766)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:224)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:183)

Any ideas?

- Ben
Consider Paul's rocket mass heater.
    Bookmark Topic Watch Topic
  • New Topic