'i got "login failure all modules ignored" exception when i try to use my custom login module on jboss 7.1
i got "login failure all modules ignored" exception when i try to use my custom login module on jboss 7.1 . i am trying to use my module as jboss module and as lib class but i got this exception and this is the stack:
ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http--127.0.0.1-8088-1) Login failure: javax.security.auth.login.LoginException: Login Failure: all modules ignored
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:921) [rt.jar:1.6.0_20]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [rt.jar:1.6.0_20]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [rt.jar:1.6.0_20]
at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.6.0_20]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [rt.jar:1.6.0_20]
at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [rt.jar:1.6.0_20]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:449) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:383) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:361) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:160) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:214) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:280) [jbossweb-7.0.13.Final.jar:]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:381) [jbossweb-7.0.13.Final.jar:]
at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:]
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:]
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:]
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:]
at java.lang.Thread.run(Thread.java:619) [rt.jar:1.6.0_20]
Solution 1:[1]
Problem solved now, I just need to throw LoginException in wrong cases
Solution 2:[2]
TL;DR if you see all modules ignored, it means every LoginModule returned false. Every LoginModule either chose to be ignored or decided that the login failed.
This message is being generated by a Java security layer, Java Authentication and Authorization Service (JAAS). There is useful info in the Developer's Guide and Reference Guide.
There should be a configuration file, usually named auth.conf, which contains a list of classes to load. Each listed class must implement javax.security.auth.spi.LoginModule. login() is called, sequentially, in every module listed in auth.conf, as explained in Appendix B of the Reference Guide. Then commit() is called on every module.
A LoginModule can decide that it doesn't know how to handle a certain login. In that case it should return false from login(), which indicates that it should be ignored. Relevant section in the Developer's Guide:
If this LoginModule should be ignored, login should return false.
Throw a LoginException such as FailedLoginException if authentication fails.
Much documentation incorrectly states that returning false indicates failure, so many LoginModules are implemented that way.
If you see LoginException: Login Failure: all modules ignored, it means either that you have no LoginModules configured in auth.conf, or that the login() method of every configured LoginModule returned false. Returning false could either mean that they don't know how to handle the login or that the login failed.
You can add debug=true to the end of the line in auth.conf to ask the LoginModule to provide additional logging, although there is no guarantee that they will.
project {
com.example.auth.ConsoleLoginModule required debug=true;
}
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Ibrahim Qandeel |
| Solution 2 |