JBoss 5.1/JAAS/Kerberos Authentication - ERROR [UsersRolesLoginModule] Failed to load users/password
posted 3 years ago
We have a use case where a web app running on JBoss 5.1 (say Application A) needs to programatically log into another application (say Application B). Application B uses Kerbros as its authentication mechanism.
1.We first created a standalone client that is able to successfully log into Application B using JAAS and Java GSS-API. So that works.
2.Next, we created a very simple, HelloWorld like web app, with only one servlet. Inside the doGet method of this servlet we incorporated the same code as the standalone client we had created in #1 and deployed it to a fresh install of JBoss 5.1. When this servlet is invoked, we see the exception inlined below.
3.The same servlet web-app when deployed to Weblogic 10.x works without any changes, as is.
What are we missing here? My hunch is that JBoss has a implementation of the security APIs (org.jboss.security.auth.spi.*) that is being picked up by the server at runtime in place of the default JRE implementation, causing this exception. So how do we tell JBoss not to use its own implementation? What needs to be done to make this work inside JBoss 5.1?
I am listing entire code from inside the test servlet below. The exception gets thrown from inside the "public LoginContext login(Subject subject)" method. Please let me know if any further information is needed, I will be happy to provide.