JaasSecurityManager.getActiveSubject(); retruns null
sea10 Feb 9, 2006 3:59 PMHello,
Im upgrading Jboss from (3.2.3+jetty) to JBoss 4.02
I have the following code, which worked fine, but not any more:
try {
JaasSecurityManager manager = (JaasSecurityManager) m_ctx.lookup("java:/jaas/" + policy);
final char[] passwordChar = password.toCharArray();
Principal user = new SimplePrincipal(userName);
if (manager.isValid(user, passwordChar)) {
Subject subject = manager.getActiveSubject();
SecurityAssociation.setCredential(passwordChar);
SecurityAssociation.setPrincipal(user);
SecurityAssociation.setSubject(subject);
request.getSession().setAttribute(__J_AUTHENTICATED, user);
request.getSession().setAttribute("j_subject", subject);
request.setAttribute("j_subject", subject);
return true;
...
The manager returns null in getActiveSubject();
I have added the trace for security in log4j.xml
and this is my TRACE;
2006-02-09 20:41:04,282 DEBUG [org.apache.catalina.session.ManagerBase] Start expire sessions StandardManager at 1139517664282 sessioncount 1
2006-02-09 20:41:04,282 DEBUG [org.apache.catalina.session.ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.connector.CoyoteAdapter] Requested cookie session id is 3CB6FD586FAB1C602148BD4D48D2322E
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Security checking request POST /danbe
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.realm.RealmBase] Checking constraint 'SecurityConstraint[all]' against POST /danbe --> false
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.realm.RealmBase] Checking constraint 'SecurityConstraint[all]' against POST /danbe --> false
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.realm.RealmBase] Checking constraint 'SecurityConstraint[all]' against POST /danbe --> false
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.realm.RealmBase] Checking constraint 'SecurityConstraint[all]' against POST /danbe --> false
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.realm.RealmBase] No applicable constraint located
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Not subject to any constraint
2006-02-09 20:41:27,636 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=null
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.core.StandardWrapper] Returning non-STM instance
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.loader.WebappClassLoader] getResourceAsStream(META-INF/services/org.apache.xerces.xni.parser.XMLParserConfiguration)
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.loader.WebappClassLoader] Searching local repositories
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.loader.WebappClassLoader] findResource(META-INF/services/org.apache.xerces.xni.parser.XMLParserConfiguration)
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.loader.WebappClassLoader] --> Resource not found, returning null
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.loader.WebappClassLoader] Delegating to parent classloader unconditionally java.net.FactoryURLClassLoader@157011e
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.loader.WebappClassLoader] --> Returning stream from parent
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.loader.WebappClassLoader] loadClass(org.apache.xerces.parsers.XML11Configuration, false)
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.loader.WebappClassLoader] Searching local repositories
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.loader.WebappClassLoader] findClass(org.apache.xerces.parsers.XML11Configuration)
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.loader.WebappClassLoader] findClassInternal(org.apache.xerces.parsers.XML11Configuration)
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.loader.WebappClassLoader] --> Passing on ClassNotFoundException
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.loader.WebappClassLoader] Delegating to parent classloader at end: java.net.FactoryURLClassLoader@157011e
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.loader.WebappClassLoader] Loading class from parent
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.loader.WebappClassLoader] loadClass(org.apache.xerces.impl.dv.dtd.DTDDVFactoryImpl, false)
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.loader.WebappClassLoader] Searching local repositories
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.loader.WebappClassLoader] findClass(org.apache.xerces.impl.dv.dtd.DTDDVFactoryImpl)
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.loader.WebappClassLoader] findClassInternal(org.apache.xerces.impl.dv.dtd.DTDDVFactoryImpl)
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.loader.WebappClassLoader] --> Passing on ClassNotFoundException
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.loader.WebappClassLoader] Delegating to parent classloader at end: java.net.FactoryURLClassLoader@157011e
2006-02-09 20:41:27,636 DEBUG [org.apache.catalina.loader.WebappClassLoader] Loading class from parent
2006-02-09 20:41:31,762 TRACE [org.jboss.security.plugins.JaasSecurityManager.myapp] Begin isValid, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1ac9cff[Subject(24589693).principals=[dan, Roles(members:Purchaser,Controler,everyone,dan)],credential.class=[C@138093,expirationTime=1139519417914]
2006-02-09 20:41:31,762 TRACE [org.jboss.security.plugins.JaasSecurityManager.myapp] Begin validateCache, info=org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1ac9cff[Subject(24589693).principals=[dan, Roles(members:Purchaser,Controler,everyone,dan)],credential.class=[C@138093,expirationTime=1139519417914];credential.class=[C@138093
2006-02-09 20:41:31,762 TRACE [org.jboss.security.plugins.JaasSecurityManager.myapp] End validateCache, isValid=true
2006-02-09 20:41:31,762 TRACE [org.jboss.security.plugins.JaasSecurityManager.myapp] End isValid, true
2006-02-09 20:41:33,314 TRACE [org.jboss.security.SecurityAssociation] setPrincipal, p=dan, server=true
2006-02-09 20:41:33,314 TRACE [org.jboss.security.SecurityAssociation] setSubject, s=null, server=true
2006-02-09 20:41:34,777 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=null
2006-02-09 20:41:34,777 TRACE [org.jboss.security.SecurityAssociation] clear, server=true
Can any one tell me If and where I was worng in the upgrade?
Is it a tomcat issue?
Thanks in advance,
Dan Berke
danbe@answers.com