javax.security.auth.login.LoginException: Security Exception

I am trying to set up container-managed security with GlassFish v3.1.2, JSF 2.1 and PrimeFaces 3.4.2.

The hex value and the database value match, but I get the following exception.

I tried the Base64 encoder, but got the same result. The calculated value and the password are fine. Is there something else I missed … is there some other configuration I am missing, especially in GlassFish or the login.xhtml file?

username: admin1 pass: admin

Using the following SHAConverter.java:

I used org.apache.commons.codec.digest.DigestUtils for calculating the hex:

    // SHA-256 digest of the UTF-8 bytes of the password
    final MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
    final byte bin[] = messageDigest.digest((value.getBytes("UTF-8")));
    // the digest bytes are passed on to DigestUtils.sha256Hex
    final String hash = DigestUtils.sha256Hex(bin);
    System.out.println("hex : " + hash);

    FINE: [Web-Security] Setting Policy Context ID: old = null ctxID = PrimeJSF-EJB-JPA-2/PrimeJSF-EJB-JPA-2
    FINE: [Web-Security] hasUserDataPermission perm: ("javax.security.jacc.WebUserDataPermission" "/Login.xhtml" "POST")
    FINE: [Web-Security] hasUserDataPermission isGranted: true
    INFO: VALUE ------------- admin
    INFO: hex : dd474e450473186ec733689b549a94a54a96f276dba76b29138c57b6afe15bf7
    INFO: request.isRequestedSessionIdValid() true
    INFO: user : admin1 >> dd474e450473186ec733689b549a94a54a96f276dba76b29138c57b6afe15bf7
    INFO: false
    FINEST: Processing login with credentials of type: class com.sun.enterprise.security.auth.login.common.PasswordCredential
    FINE: Logging in user [admin1] into realm: myRealm using JAAS module: jdbcRealm
    FINE: Login module initialized: class com.sun.enterprise.security.auth.login.JDBCLoginModule
    FINE: JAAS authentication aborted.
    FINEST: doPasswordLogin fails
    javax.security.auth.login.LoginException: Security Exception
        at javax.security.auth.login.LoginContext.invoke(LoginContext.java:870)
        at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)
        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698)
        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696)
        at java.security.AccessController.doPrivileged(Native Method)
        at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695)
        at javax.security.auth.login.LoginContext.login(LoginContext.java:594)
        at com.sun.enterprise.security.auth.login.LoginContextDriver.doPasswordLogin(LoginContextDriver.java:382)
        at com.sun.enterprise.security.auth.login.LoginContextDriver.login(LoginContextDriver.java:240)
        at com.sun.enterprise.security.auth.login.LoginContextDriver.login(LoginContextDriver.java:153)
        at com.sun.web.security.RealmAdapter.authenticate(RealmAdapter.java:514)
        at com.sun.web.security.RealmAdapter.authenticate(RealmAdapter.java:455)
        at org.apache.catalina.connector.Request.login(Request.java:1938)
        at org.apache.catalina.connector.Request.login(Request.java:1901)
        at org.apache.catalina.connector.RequestFacade.login(RequestFacade.java:1146)
        at com.nz.simplecrud.controller.LoginController.login(LoginController.java:83)
        at com.nz.simplecrud.controller.LoginController$Proxy$_$$_WeldClientProxy.login(LoginController$Proxy$_$$_WeldClientProxy.java)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:601)
        at com.sun.el.parser.AstValue.invoke(AstValue.java:254)
        at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:302)
        at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:39)
        at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50)
        at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105)
        at javax.faces.event.MethodExpressionActionListener.processAction(MethodExpressionActionListener.java:148)
        at javax.faces.event.ActionEvent.processListener(ActionEvent.java:88)
        at javax.faces.component.UIComponentBase.broadcast(UIComponentBase.java:769)
        at javax.faces.component.UICommand.broadcast(UICommand.java:300)
        at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:794)
        at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1259)
        at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81)
        at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101)
        at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
        at javax.faces.webapp.FacesServlet.service(FacesServlet.java:593)
        at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:343)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
        at com.nz.simplecrud.filter.LoginPageFilter.doFilter(LoginPageFilter.java:32)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:279)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
        at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
        at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
        at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
        at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
        at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
        at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
        at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
        at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
        at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
        at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
        at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
        at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
        at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
        at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
        at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
        at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
        at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
        at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
        at java.lang.Thread.run(Thread.java:722)
    Caused by: java.lang.SecurityException
        at javax.security.auth.login.LoginContext.invoke(LoginContext.java:871)
        ... 64 more
    WARNING: WEB9102: Web Login Failed: com.sun.enterprise.security.auth.login.common.LoginException: Login failed: Security Exception
    SEVERE: IOException, Login Controller: The username or password you provided does not match our records.
    SEVERE: javax.servlet.ServletException: Exception thrown while attempting to authenticate for user: admin1
        at org.apache.catalina.connector.Request.login(Request.java:1970)
        at org.apache.catalina.connector.Request.login(Request.java:1901)
        at org.apache.catalina.connector.RequestFacade.login(RequestFacade.java:1146)
        at com.nz.simplecrud.controller.LoginController.login(LoginController.java:83)
        at com.nz.simplecrud.controller.LoginController$Proxy$_$$_WeldClientProxy.login(LoginController$Proxy$_$$_WeldClientProxy.java)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:601)
        at com.sun.el.parser.AstValue.invoke(AstValue.java:254)
        at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:302)
        at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:39)
        at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50)
        at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105)
        at javax.faces.event.MethodExpressionActionListener.processAction(MethodExpressionActionListener.java:148)
        at javax.faces.event.ActionEvent.processListener(ActionEvent.java:88)
        at javax.faces.component.UIComponentBase.broadcast(UIComponentBase.java:769)
        at javax.faces.component.UICommand.broadcast(UICommand.java:300)
        at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:794)
        at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1259)
        at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81)
        at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101)
        at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
        at javax.faces.webapp.FacesServlet.service(FacesServlet.java:593)
        at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:343)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
        at com.nz.simplecrud.filter.LoginPageFilter.doFilter(LoginPageFilter.java:32)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:279)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
        at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
        at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
        at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
        at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
        at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
        at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
        at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
        at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
        at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
        at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
        at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
        at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
        at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
        at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
        at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
        at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
        at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
        at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
        at java.lang.Thread.run(Thread.java:722)
    Caused by: javax.servlet.ServletException: Failed login while attempting to authenticate user: admin1
        at org.apache.catalina.connector.Request.login(Request.java:1941)
        ... 52 more
    SEVERE: at org.apache.catalina.connector.Request.login(Request.java:1970)
    SEVERE: at org.apache.catalina.connector.Request.login(Request.java:1901)
    SEVERE: at org.apache.catalina.connector.RequestFacade.login(RequestFacade.java:1146)
    SEVERE: at com.nz.simplecrud.controller.LoginController.login(LoginController.java:83)
    SEVERE: at com.nz.simplecrud.controller.LoginController$Proxy$_$$_WeldClientProxy.login(LoginController$Proxy$_$$_WeldClientProxy.java)
    SEVERE: at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    SEVERE: at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    SEVERE: at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    SEVERE: at java.lang.reflect.Method.invoke(Method.java:601)
    SEVERE: at com.sun.el.parser.AstValue.invoke(AstValue.java:254)
    SEVERE: at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:302)
    SEVERE: at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:39)
    SEVERE: at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50)
    SEVERE: at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105)
    SEVERE: at javax.faces.event.MethodExpressionActionListener.processAction(MethodExpressionActionListener.java:148)
    SEVERE: at javax.faces.event.ActionEvent.processListener(ActionEvent.java:88)
    SEVERE: at javax.faces.component.UIComponentBase.broadcast(UIComponentBase.java:769)
    SEVERE: at javax.faces.component.UICommand.broadcast(UICommand.java:300)
    SEVERE: at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:794)
    SEVERE: at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1259)
    SEVERE: at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81)
    SEVERE: at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101)
    SEVERE: at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
    SEVERE: at javax.faces.webapp.FacesServlet.service(FacesServlet.java:593)
    SEVERE: at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
    SEVERE: at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:343)
    SEVERE: at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
    SEVERE: at com.nz.simplecrud.filter.LoginPageFilter.doFilter(LoginPageFilter.java:32)
    SEVERE: at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
    SEVERE: at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
    SEVERE: at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:279)
    SEVERE: at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
    SEVERE: at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
    SEVERE: at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
    SEVERE: at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
    SEVERE: at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
    SEVERE: at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
    SEVERE: at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
    SEVERE: at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
    SEVERE: at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
    SEVERE: at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
    SEVERE: at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
    SEVERE: at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
    SEVERE: at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
    SEVERE: at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
    SEVERE: at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
    SEVERE: at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
    SEVERE: at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
    SEVERE: at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
    SEVERE: at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
    SEVERE: at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
    SEVERE: at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
    SEVERE: at java.lang.Thread.run(Thread.java:722)
    SEVERE: Caused by: javax.servlet.ServletException: Failed login while attempting to authenticate user: admin1
    SEVERE: at org.apache.catalina.connector.Request.login(Request.java:1941)
    SEVERE: ... 52 more

Here are the GlassFish realm settings:

    Configuration Name: server-config
    Realm Name: myRealm
    Class Name: com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm
    JAAS Context: jdbcRealm
    JNDI: jdbc/myDatasource
    User Table: user_role_view
    User Name Column: username
    Password Column: password
    Group Table: user_role_view
    Group Table User Name Column: ---
    Group Name Column: rolename
    Assign Groups: ---
    Database User: ---
    Database Password: ---
    Digest Algorithm: SHA-256
    Password Encryption Algorithm: ---
    Encoding: Hex
    Charset: UTF-8

My login.xhtml

   

Login Panel

My web.xml

  Administrator  Admin Area  /admin/*   Administrator Administrator    Manager  Manager Area  /manager/*   Manager Manager Administrator    User  User Operations  /user/*   User Manager Administrator User    FORM myRealm  /Login.xhtml /Login.xhtml    Administrator   Manager   User  

My glassfish-web.xml

   Administrator Administrators   Manager Managers   User Users  

I used this form, but that one had a calculation mismatch, whereas my problem seems to be something other than the calculation.

You have almost the same problem as in the post you mentioned. As you can see, the hash for the password admin should be 8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918 and not dd474e450473186ec733689b549a94a54a96f276dba76b29138c57b6afe15bf7 as it is in your case.

Because the value should be a string, you can use:

    final String hash = DigestUtils.sha256Hex(value);
    System.out.println("hex : " + hash);

But here is something I don't understand:

    final MessageDigest md = MessageDigest.getInstance("SHA-256");
    String value = "admin";
    md.update(value.getBytes("UTF-8"));
    final byte bin[] = md.digest();
    System.out.println(DigestUtils.sha256Hex(bin));
    System.out.println(DigestUtils.sha256Hex(value));

The output is:

    dd474e450473186ec733689b549a94a54a96f276dba76b29138c57b6afe15bf7
    8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918

But I think both methods should return the same value…?
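Why the two calls above print different values, as an added example that is not part of the original question or answer: DigestUtils.sha256Hex(byte[]) hashes the bytes it receives, so handing it an existing digest hashes the password twice, while the realm settings shown (Digest Algorithm SHA-256, Encoding Hex, Charset UTF-8) are assumed here to compare against one SHA-256 pass, hex-encoded. The class name Sha256HexCheck and the helper toHex are hypothetical, and only JDK classes are used.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

// Hypothetical diagnostic class (not from the original post); JDK only.
public class Sha256HexCheck {

    // Hash values quoted on the page for the test password "admin".
    static final String EXPECTED =
        "8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918";
    static final String LOGGED =
        "dd474e450473186ec733689b549a94a54a96f276dba76b29138c57b6afe15bf7";

    // One SHA-256 pass over raw bytes.
    static byte[] sha256(byte[] data) throws NoSuchAlgorithmException {
        return MessageDigest.getInstance("SHA-256").digest(data);
    }

    // Hex-encode bytes WITHOUT hashing them (lowercase, two digits per byte).
    static String toHex(byte[] bytes) {
        StringBuilder sb = new StringBuilder(bytes.length * 2);
        for (byte b : bytes) {
            sb.append(Character.forDigit((b >> 4) & 0xF, 16));
            sb.append(Character.forDigit(b & 0xF, 16));
        }
        return sb.toString();
    }

    public static void main(String[] args) throws NoSuchAlgorithmException {
        byte[] utf8 = "admin".getBytes(StandardCharsets.UTF_8);
        byte[] digest = sha256(utf8);

        // What DigestUtils.sha256Hex(String) does: hash once, then hex-encode.
        String hashedOnce = toHex(digest);
        // What DigestUtils.sha256Hex(byte[]) does when given a digest:
        // it hashes those 32 bytes again before hex-encoding.
        String hashedTwice = toHex(sha256(digest));

        System.out.println("hashed once : " + hashedOnce);
        System.out.println("hashed twice: " + hashedTwice);
        System.out.println("once  == value the answer expects: "
                + hashedOnce.equals(EXPECTED));
        System.out.println("twice == value logged in question: "
                + hashedTwice.equals(LOGGED));
    }
}
```

If the stored column was also produced by the double-hash path, the application log and the database will agree with each other while the realm's own single-pass computation does not.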