I'm trying to use the weblogic jaas examples but keep getting the following
exception:
username: test
password: test0123
URL: t3://localhost:7001/
UsernamePasswordLoginModule.login(), username test
UsernamePasswordLoginModule.login(), password test0123
Authentication Failed: Unexpected Exception, java.lang.IllegalAccessError:
java.security.acl.NotOwnerException
at weblogic.security.acl.Realm.getRealm(Realm.java:94)
at weblogic.security.acl.Realm.getRealm(Realm.java:39
test/test0123 is a user in 'myrealm'.
WLS7.0sp1.
My main system/system01 account credentials do not work either. The
exception is failing in the Authenticate.authenticate() method of the
WebLogic-provided weblogic.security.auth.login.UsernamePasswordLoginModule.
Has anyone been able to get this working in 7.0sp1?
Thanks.
> Hello,
>
> I'm trying to use the weblogic jaas examples but keep getting the
> following exception:
>
> username: test
> password: test0123
> URL: t3://localhost:7001/
> UsernamePasswordLoginModule.login(), username test
> UsernamePasswordLoginModule.login(), password test0123
> Authentication Failed: Unexpected Exception, java.lang.IllegalAccessError:
> java.security.acl.NotOwnerException
> at weblogic.security.acl.Realm.getRealm(Realm.java:94)
> at weblogic.security.acl.Realm.getRealm(Realm.java:39
The code is from the SimpleClient.java example btw.
In the stack trace I notice the WEbLogic JAAS Authenticate.authenticate()
winds up using weblogic.security.acl.Realm, which is NOT JAAS, and is
_deprecated_. ?
Authentication Failed: Unexpected Exception, java.lang.IllegalAccessError:
java.security.acl.NotOwnerException
at weblogic.security.acl.Realm.getRealm(Realm.java:94)
at weblogic.security.acl.Realm.getRealm(Realm.java:39)
at weblogic.security.acl.Realm.authenticate(Realm.java:196)
at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:246)
at
weblogic.security.acl.internal.Security.authenticate(Security.java:138)
at
weblogic.security.acl.internal.Security.authenticate(Security.java:107)
at
weblogic.security.auth.Authenticate.authenticate(Authenticate.java:144)
at
weblogic.security.auth.login.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:170)
at java.lang.reflect.Method.invoke(Native Method)
at
javax.security.auth.login.LoginContext.invoke(LoginContext.java:595)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:125)
at
javax.security.auth.login.LoginContext$3.run(LoginContext.java:531)
at java.security.AccessController.doPrivileged(Native Method)
at
javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:528)
at
javax.security.auth.login.LoginContext.login(LoginContext.java:449)
at com.sfcommerce.test.wls.SampleClient.main(SampleClient.java:80)
at jsp_servlet.__index._jspService(__index.java:109)
at weblogic.servlet.jsp.JspBase.service(JspBase.java:27)
this is a known issue for WLS 7.0 SP1 and will be fixed in SP2. If you need a
one-off patch for SP1, please open a case and request the patch for CR089964.
HTH
Maria Salzberger
BEA Customer Support
I was getting the same exception until I changed the code from:
loginContext = new LoginContext(..);
subject = loginContext.login();
to:
subject = weblogic.security.services.Authentication.login(..);
which is not documented anywhere but in the Javadocs and very sparingly there
too. Is this an officially supported class?
yes this is supported and a valid workaround for this problem.
Regards
Maria