List Info

Thread: Security Problem in JBoss
Security Problem in JBoss
user name
 2006-07-28 14:32:39 
Hi,

I've just pulled the latest code (2.4.24) from cvs and
deployed it into 
a new, lean JBoss 4.0.4 setup.

It's working OK, but I'm having a problem with
authentication. The 
admin/SecurityConfig.jsp reports everything is fine.

My container-managed security (using simple user and role
files) is 
working OK outside of JSPWiki.

I have added the roles Admin and Authenticated to my
"test" user 
account.  (I have not set up any users or groups in jspwiki
config files).

Basically, if I try to log in, the login fails and just
re-presents the 
login page to me.

 From the logs:

2006-07-29 00:23:06,309 DEBUG -
WikiSecurityEvent.ACCESS_ALLOWED 
[source=com.ecyrd.jspwiki.auth.AuthorizationManagerb9e9a3, 
princpal=com.ecyrd.jspwiki.auth.WikiPrincipal 127.0.0.1, 
target=("com.ecyrd.jspwiki.auth.permissions.WikiPermis
sion","JSPWiki","login")]
2006-07-29 00:23:06,309 INFO -
WikiSecurityEvent.ACCESS_DENIED 
[source=com.ecyrd.jspwiki.auth.AuthorizationManagerb9e9a3, 
princpal=com.ecyrd.jspwiki.auth.WikiPrincipal 127.0.0.1, 
target=("com.ecyrd.jspwiki.auth.permissions.WikiPermis
sion","JSPWiki","creategroups"
)]
2006-07-29 00:23:06,309 DEBUG -
WikiSecurityEvent.ACCESS_DENIED 
[source=com.ecyrd.jspwiki.auth.AuthorizationManagerb9e9a3, 
princpal=com.ecyrd.jspwiki.auth.WikiPrincipal 127.0.0.1, 
target=("com.ecyrd.jspwiki.auth.permissions.WikiPermis
sion","JSPWiki","creategroups"
)]
2006-07-29 00:23:06,319 DEBUG -
WikiSecurityEvent.ACCESS_ALLOWED 
[source=com.ecyrd.jspwiki.auth.AuthorizationManagerb9e9a3, 
princpal=com.ecyrd.jspwiki.auth.WikiPrincipal 127.0.0.1, 
target=("com.ecyrd.jspwiki.auth.permissions.WikiPermis
sion","JSPWiki","login")]
2006-07-29 00:23:06,319 INFO -
WikiSecurityEvent.ACCESS_DENIED 
[source=com.ecyrd.jspwiki.auth.AuthorizationManagerb9e9a3, 
princpal=com.ecyrd.jspwiki.auth.WikiPrincipal 127.0.0.1, 
target=("com.ecyrd.jspwiki.auth.permissions.WikiPermis
sion","JSPWiki","creategroups"
)]
2006-07-29 00:23:06,319 DEBUG -
WikiSecurityEvent.ACCESS_DENIED 
[source=com.ecyrd.jspwiki.auth.AuthorizationManagerb9e9a3, 
princpal=com.ecyrd.jspwiki.auth.WikiPrincipal 127.0.0.1, 
target=("com.ecyrd.jspwiki.auth.permissions.WikiPermis
sion","JSPWiki","creategroups"
)]
2006-07-29 00:23:06,329 DEBUG -
WikiSecurityEvent.ACCESS_ALLOWED 
[source=com.ecyrd.jspwiki.auth.AuthorizationManagerb9e9a3, 
princpal=com.ecyrd.jspwiki.auth.WikiPrincipal 127.0.0.1, 
target=("com.ecyrd.jspwiki.auth.permissions.WikiPermis
sion","JSPWiki","login")]
2006-07-29 00:23:06,329 INFO -
WikiSecurityEvent.ACCESS_DENIED 
[source=com.ecyrd.jspwiki.auth.AuthorizationManagerb9e9a3, 
princpal=com.ecyrd.jspwiki.auth.WikiPrincipal 127.0.0.1, 
target=("com.ecyrd.jspwiki.auth.permissions.WikiPermis
sion","JSPWiki","creategroups"
)]
2006-07-29 00:23:06,329 DEBUG -
WikiSecurityEvent.ACCESS_DENIED 
[source=com.ecyrd.jspwiki.auth.AuthorizationManagerb9e9a3, 
princpal=com.ecyrd.jspwiki.auth.WikiPrincipal 127.0.0.1, 
target=("com.ecyrd.jspwiki.auth.permissions.WikiPermis
sion","JSPWiki","creategroups"
)]

I'm just using the default policy settings.

Any ideas? Why is it trying to create a group when I'm
logging in?

(My groupdatabase.xml has no entries in it by the way).

Have I just got to a point where what's in CVS is not quite
usable?

Thanks,

...Milt

_______________________________________________
Jspwiki-users mailing list
Jspwiki-usersecyrd.com
http://ecyrd.com/cgi-bin/mailman/listinfo/jspwiki-users
[1]

about | contact  Other archives ( Real Estate discussion Medical topics )