CODEWITHSUNDEEP
jbossrestcommmobicents-sip-servletssip-servlet
enyoucky
enyoucky

Reputation: 123

Can't enable jboss security

I practise sip scenarios based on mobicents sip servlets. I have Restcomm-JBoss-AS7-8.2.0.1221 and my own sip application deployed on it (restcomm app is disabled). I encountered a problem with enabling jboss security. What I did:

1.Create sip-servlets-roles.properties

admin=caller

2.Create sip-servlets-users.properties (for user alice, domain 192.168.56.101, password 1234)

admin=6f8002e56ee173a3a39144ea90d18a39

3.Put above files to ../Restcomm-JBoss-AS7-8.2.0.1221/standalone/configuration

4.Deploy sip application with sip.xml

<security-constraint>
    <display-name>REGISTER Method Security Constraint</display-name>
    <resource-collection>
        <resource-name>SipServletApp</resource-name>
        <description>Require authenticated REGSITER requests</description>
        <servlet-name>SipServletApp</servlet-name>
        <sip-method>REGISTER</sip-method>
    </resource-collection>
    <auth-constraint>
        <role-name>caller</role-name>
    </auth-constraint>
</security-constraint>
<login-config>
    <auth-method>DIGEST</auth-method>
    <realm-name>192.168.56.101</realm-name>
</login-config>

5.standalone-sip.xml is unchanged

<security-domain name="sip-servlets">
                <authentication>
                    <login-module code="UsersRoles" flag="required">
                        <module-option name="usersProperties" value="${jboss.server.config.dir}/sip-servlets-users.properties"/>
                        <module-option name="rolesProperties" value="${jboss.server.config.dir}/sip-servlets-roles.properties"/>
                        <module-option name="hashAlgorithm" value="MD5"/>
                        <module-option name="hashEncoding" value="RFC2617"/>
                        <module-option name="hashUserPassword" value="false"/>
                        <module-option name="hashStorePassword" value="true"/>
                        <module-option name="passwordIsA1Hash" value="true"/>
                        <module-option name="storeDigestCallback" value="org.jboss.security.auth.callback.RFC2617Digest"/>
                    </login-module>
                </authentication>
            </security-domain>

6.Try to register user alice with zoiper wireshark trace

7.Enabling trace level and got Error in jboss logs

14:14:10,140 DEBUG [org.jboss.security] (Restcomm-SIP-Servlets-UDPMessageChannelThread-44) PBOX000206: Login failure: javax.security.auth.login.LoginException: java.lang.NullPointerException
    at org.jboss.security.auth.spi.Util.createPasswordHash(Util.java:424)
    at org.jboss.security.auth.spi.UsernamePasswordLoginModule.createPasswordHash(UsernamePasswordLoginModule.java:450)
    at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:280)
...

8.DAR is set to my sip app

So the question is what is wrong with this configuration?

Upvotes: 2

Views: 127

Answers (1)

Mzee
Mzee

Reputation: 1

Your storePassword, ie. admin=6f8002e56ee173a3a39144ea90d18a39 is already hashed. module-option name="hashStorePassword" value="true", should be value="false"

Upvotes: 0

Related Questions