1

我们目前正在将 Java EE 应用程序从 JBoss 6 移植到 JBoss 7.1.1。该应用程序没有 Web 界面,只有一个基于 Eclipse RCP 的远程客户端。为了对客户端进行身份验证,远程客户端使用“javax.security.auth.login.LoginContext”来提供所需的凭据。服务器正在使用“DatabaseServerLoginModule”来验证对应用程序安全域的所有访问。

为了将该应用程序移植到 JBoss 7.1.1,我执行了以下操作:

我在“standalone-full.xml”中配置了一个安全域:

<security-domain name="myDomain" cache-type="default">
  <authentication>
    <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
      <module-option name="dsJndiName" value="jdbc/myDS"/>
      <module-option name="principalsQuery" value="select u.password from users u left join authorizables a on u.id=a.id where a.name=?"/>
      <module-option name="rolesQuery" value="SELECT 'user', 'Roles' FROM authorizables WHERE name=?"/>
    </login-module>
  </authentication>
</security-domain>

接下来我配置了一个安全领域:

<security-realm name="MyAppRealm">
  <authentication>
    <jaas name="myDomain"/>
  </authentication>
</security-realm>

最后我将远程连接器绑定到我的自定义领域

<connector name="remoting-connector" socket-binding="remoting" security realm="MyAppRealm"/>

现在,当尝试访问服务器时,会引发以下异常:

ERROR connection:99 - JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed

javax.naming.NamingException: Failed to create remoting connection [Root exception is java.lang.RuntimeException: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed]
at org.jboss.naming.remote.client.ClientUtil.namingException(ClientUtil.java:36)
at org.jboss.naming.remote.client.InitialContextFactory.getInitialContext(InitialContextFactory.java:121)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
at javax.naming.InitialContext.init(InitialContext.java:223)
at javax.naming.InitialContext.<init>(InitialContext.java:197)
at my.SampleClient.login(SampleClient.java:110)
... 26 more
Caused by: java.lang.RuntimeException: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
at org.jboss.naming.remote.protocol.IoFutureHelper.get(IoFutureHelper.java:87)
at org.jboss.naming.remote.client.NamingStoreCache.getRemoteNamingStore(NamingStoreCache.java:56)
at org.jboss.naming.remote.client.InitialContextFactory.getOrCreateCachedNamingStore(InitialContextFactory.java:166)
at org.jboss.naming.remote.client.InitialContextFactory.getOrCreateNamingStore(InitialContextFactory.java:139)
at org.jboss.naming.remote.client.InitialContextFactory.getInitialContext(InitialContextFactory.java:104)
... 31 more
Caused by: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:365)
at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:214)
at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)
at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:189)
at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:103)
at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)
at org.xnio.nio.NioHandle.run(NioHandle.java:90)
at org.xnio.nio.WorkerThread.run(WorkerThread.java:184)
at ...asynchronous invocation...(Unknown Source)
at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:270)
at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:251)
at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:349)
at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:333)
at org.jboss.naming.remote.client.EndpointCache$EndpointWrapper.connect(EndpointCache.java:105)
at org.jboss.naming.remote.client.NamingStoreCache.getRemoteNamingStore(NamingStoreCache.java:55)
... 34 more

有谁知道我做错了什么。谁能给我一个关于如何设置这个场景的提示。我一直在 JBoss 文档中搜索,但没有找到解决此问题的方法。

4

1 回答 1

-1

那个部分:

<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">

它错了。不使用“ org.jboss.security.auth.spi.DatabaseServerLoginModule ”的全名类,是“数据库”,根据链接https://docs.jboss.org/author/display/AS71/Security+subsystem+configuration where存在与此“代码”相关联的“全名限定类”的表。

于 2012-10-17T19:12:49.253 回答