Skip to Content
0
Former Member
Jul 25, 2005 at 12:34 PM

JAAS login module

74 Views

Hello all, I'm having a problem with authentication. I hava a jaas Login Module that authenticates users against a db. After some work I could configure it and got it working. But, even my Login Module works fine, after validating an user I get the exception:

Caused by: com.sap.engine.services.security.exceptions.BaseLoginException: User not authorized.

at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:223)

at com.sap.engine.system.SystemLoginModule.login(SystemLoginModule.java:90)

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)

at java.lang.reflect.Method.invoke(Method.java:324)

at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)

at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)

at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)

at java.security.AccessController.doPrivileged(Native Method)

at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)

at javax.security.auth.login.LoginContext.login(LoginContext.java:534)

at com.lumina.security.jaasrbac.SecurityFacade.authenticate(SecurityFacade.java:119)

... 51 more

Caused by: com.sap.engine.services.security.exceptions.BaseLoginException: User is locked.

at com.sap.engine.services.security.server.jaas.CheckAction.checkUserLockStatus(CheckAction.java:181)

at com.sap.engine.services.security.server.jaas.CheckAction.run(CheckAction.java:58)

at java.security.AccessController.doPrivileged(Native Method)

at com.sap.engine.services.security.server.jaas.LoginModuleHelperImpl.checkUserLockStatus(LoginModuleHelperImpl.java:116)

at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:175)

... 63 more

This happens after my login module is invoked and succeeds authenticating an user.

Is it really necessary to have a copy of the user data in the UME store?

Thanks,

Juan Manuel