Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Various problems/questions on UP client authentication on BAS 4.51

1 view
Skip to first unread message

Peter Nilsson

unread,
Oct 18, 2001, 3:30:14 AM10/18/01
to
Hi,

I am running UP client authentication on BAS 4.51 and run inte various
problems/questions:

- The FileDB password backend seems to cache usernames and passwords even if
I turn the cache off.
Symptom:
1. I try to log into the client with a non-existent user, which of
course fails with a CORBA NO PERMISSION
2. I use pbeadmin to add the user to the password backend
3. I again try to log into the client with the newly added user, which
also fails with a CORBA NO PERMISSION !!!
4. I restart the application server
5. I again try to log into the client with the newly added user and now
it works
Properties:
vbroker.security.passwordBackEnd=FileDB
vbroker.security.FileDB.file=d:/security/pbe
vbroker.security.FileDB.enableCache=false
How do I turn off the cache completely? Btw, what unit of time is used in
vbroker.security.FileDB.cacheTTL, seconds?

- How does HostDB work? At first I assumed that it is just another way to
verify a username/password pair but
when I try it out it behaves quite differently. I am using NT4 and the
following properties:
vbroker.security.passwordBackEnd=HostDB
vbroker.security.HostDB.domain=.
Now I run into CORBA NO PERMISSION when deploying even if I have the exact
same setup as in the FileDB case above with
the exception of password backend. Do I have to be logged into NT with the
same userid as I use for logging into our client?

- In some cases the SessionContext.getCallerPrincipal() returns a
RuntimeException with the message "Access id not found".
Properties:
vbroker.security.wallet.type=NONE
vbroker.security.wallet.identity=admin
vbroker.security.wallet.password=secret
vbroker.security.allowGuestUser=false
vbroker.security.enableAuthentication=true
vbroker.security.requireAuthentication=true
The scary thing is that in some of those cases the user that I logged into
the client with did not exist in the password backend
but was allowed into the method on the bean anyway, presumably because the
system did get "access id not found" the same way as I did
and could thus not authenticate the user. Notice that I have guest turned
off.
What does "Access id not found" mean and why does it occur? How do I
prevent it?

Sorry for the lengthy post and thanks in advance

Peter Nilsson


0 new messages