Bug 724766 (BRMS-604)

Summary: Unable to login to JCR backend: JAAS policy cannot be found (logInAdmin user created)
Product: [JBoss] JBoss Enterprise BRMS Platform 5 Reporter: Lukáš Petrovický <lpetrovi>
Component: ModeshapeAssignee: Kurt Stam <kurt.stam>
Status: CLOSED NEXTRELEASE QA Contact: Petr Široký <psiroky>
Severity: high Docs Contact:
Priority: high    
Version: BRMS 5.2.0-Dev1CC: atangrin, lcarlon, ldimaggi, psiroky, rzhang, vhalbert
Target Milestone: ---Keywords: TestBlocker
Target Release: BRMS 5.2.0.GA   
Hardware: Unspecified   
OS: Unspecified   
URL: http://jira.jboss.org/jira/browse/BRMS-604
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
java version "1.6.0_22" OpenJDK Runtime Environment (IcedTea6 1.10.1) (fedora-57.1.10.1.fc15-x86_64) OpenJDK 64-Bit Server VM (build 20.0-b11, mixed mode)
Last Closed: 2011-08-16 14:50:39 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Attachments:
Description Flags
login-config.xml
none
modeshape-config.xml
none
server.log none

Description Lukáš Petrovický 2011-06-10 08:26:58 UTC 
Affects Testing: Blocks Testing
securitylevel_name: Public

After successful installation of Modeshape into BRMS 5.2.0.DEV1 (+ EAP 5.1), I run into the following exception on server startup:

org.jboss.seam.InstantiationException: Could not instantiate Seam component: repositoryConfiguration
....
Caused by: org.drools.repository.RulesRepositoryException: UserName: [ logInAdmin] Unable to login to JCR backend.
....
Caused by: javax.jcr.LoginException: The JAAS policy named 'modeshape' (nor the policy named 'other') could not be found; check the value of the 'JAAS_LOGIN_CONFIG_NAME' repository option in the configuration for the 'brms' repository
	at org.modeshape.jcr.JcrRepository.login(JcrRepository.java:1344)
	at org.modeshape.jcr.JcrRepository.login(JcrRepository.java:1289)
	at org.drools.repository.JCRRepositoryConfigurator.login(JCRRepositoryConfigurator.java:95)
	at org.drools.repository.RulesRepositoryConfigurator.login(RulesRepositoryConfigurator.java:85)
	at org.drools.guvnor.server.repository.RepositoryStartupService.newSession(RepositoryStartupService.java:213)
	... 99 more
Caused by: javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
	at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:252)
	at org.jboss.security.auth.spi.UsersRolesLoginModule.login(UsersRolesLoginModule.java:152)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
	at java.lang.reflect.Method.invoke(Method.java:597)
	at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
	at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
	at java.security.AccessController.doPrivileged(Native Method)
	at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
	at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
	at org.modeshape.graph.JaasSecurityContext.<init>(JaasSecurityContext.java:115)
	at org.modeshape.graph.JaasSecurityContext.<init>(JaasSecurityContext.java:82)
	at org.modeshape.jcr.JcrRepository.login(JcrRepository.java:1341)
	... 103 more

As you can see from the attached server logs, Modeshape configuration and, importantly, the login-config.xml, the "modeshape" policy is there. 
In fact, the exact same process has been used to set up BRMS 5.2+Modeshape as was always being used to set up BRMS 5.1+Modeshape.
Comment 1 Lukáš Petrovický 2011-06-10 08:28:11 UTC 
Attachment: Added: login-config.xml
Attachment: Added: modeshape-config.xml
Attachment: Added: server.log
Comment 2 Lukáš Petrovický 2011-06-10 09:16:30 UTC 
Affects Testing: Added: [Blocks Testing]
Comment 3 Van Halbert 2011-06-13 15:09:37 UTC 
Tested with the latest code updates to ModeShape and to the build scripts, and didn't see this issue.   Suggest retesting with latest.
Comment 4 Petr Široký 2011-07-07 08:34:46 UTC 
Still happening with BRMS 5.2.0-dev3.
Comment 5 Petr Široký 2011-07-07 08:42:34 UTC 
Link: Added: This issue is duplicated by BRMS-615
Comment 6 Van Halbert 2011-07-07 11:47:03 UTC 
It appears the logInAdmin password was defined incorrectly in the components.xml file.   Use this:

<key>org.drools.repository.logInAdmin.password</key>  <value>logInAdmin</value>
Comment 7 Petr Široký 2011-07-07 12:03:17 UTC 
Yes, this is probably just a configuration issue. If the 'logInAdmin' user is added to brms-users.properties and the line you mentioned to components.xml, deploying is done without errors and Guvnor can be used with ModeShape.
Comment 8 Van Halbert 2011-07-12 18:58:21 UTC 
This issue is configuration issue to how components.xml and users are defined.
Comment 9 Petr Široký 2011-07-13 16:16:27 UTC 
Agreed. However user 'logInAdmin' is not listed in brms-users.properties (and brms-roles.properties) and also not in compoments.xml by default. User has to be added manually. I think that it should be there by default.
Comment 10 Ryan Zhang 2011-07-18 12:29:51 UTC 
Would it make sense to use 'admin' as the default connect account for modeshape instead of logInAdmin as it was in BRMS 5.1.0?
Plus the 'admin' is still the default account for BRMS web interface login in.
Comment 11 Van Halbert 2011-07-18 15:19:29 UTC 
Not sure where the logInAdmin came from, its not from modeshape.
Comment 12 Petr Široký 2011-07-18 15:44:24 UTC 
So, it seems that the user name was added/changed in Guvnor 5.2. Not sure what is the reason for that, but I'll try to find out.
Comment 13 Petr Široký 2011-07-21 09:35:47 UTC 
From e-mail communication come out, that Toni Rikkola changed the name by mistake and he will revert this change in brms 5.2 branch, so this should be probably fixed in new build.
Comment 14 Van Halbert 2011-08-12 15:41:31 UTC 
Changing to a BRMS person, cause this is a BRMS configuration/kitting issue, that is not controlled by ModeShape.
Comment 15 Petr Široký 2011-08-16 14:50:39 UTC 
Verified fixed in 5.2.0 ER2. Closing this issue.